libgit2 v1.9.0

Compare

Choose a tag to compare

ethomson released this 28 Dec 15:14

· 115 commits to main since this release

v1.9.0

338e6fb

This commit was created on GitHub.com and signed with GitHub’sverified signature.

GPG key ID:B5690EEEBB952194

Verified

Learn about vigilant mode.

This is release v1.9.0, "Schwibbogen". As usual, it contains numerous bug fixes, compatibility improvements, and new features.

This is expected to be the final release in the libgit2 v1.x lineage. libgit2 v2.0 is expected to be the next version, with support for SHA256 moving to "supported" status (out of "experimental" status). This means that v2.0 will have API and ABI changes to support SHA256, as well as otherbreaking changes.

Major changes

Documentation improvements
We've launched a new website for our API reference docs athttps://libgit2.org/docs/reference/main. To support this, we've updated the documentation to ensure that all APIs are well-documented, and added docurium-style specifiers to indicate more depth about the API surface.
We now also publish a JSON blob with the API structure and the documentation that may be helpful for binding authors.
TLS cipher updates
libgit2 has updated our TLS cipher selection to match the "compatibility" cipher suite settings asdocumented by Mozilla.
Blame improvements
The blame API now contains committer information and commit summaries for blame hunks, and the ability to get information about the line of text that was modified. In addition, a CLI blame command has been added so that the blame functionality can be benchmarked by our benchmark suite.
More CLI commands
libgit2 has addedblame andinit commands, which have allowed forfurther benchmarking and several API improvements and git compatibility updates.
Warning when configuring without SHA1DC
Users are encouraged to use SHA1DC, which isgit's hash;users should not use SHA1 in the general case. Users will now be warned if they try to configure cmake with a SHA1 backend (-DUSE_SHA1=...).

Breaking changes

There are several ABI-breaking changes that integrators, particularly maintainers of bindings or FFI users, may want to be aware of.

Blame hunk structure updates (ABI breaking change)
There are numerous additions to thegit_blame_hunk structure to accommodate more information about the blame process.
Checkout strategy updates (ABI breaking change)
The values forGIT_CHECKOUT_SAFE andGIT_CHECKOUT_NONE have been updated.GIT_CHECKOUT_SAFE is now0; this was implicitly the default value (with the options constructors setting that as the checkout strategy). It is now the default if the checkout strategy is set to0. This allows for an overall code simplification in the library.
Configuration entry member removal (ABI breaking change)
Thegit_config_entry structure no longer contains afree member; this was an oversight as end-users should not try to free that structure.
Configuration backend function changes (ABI breaking change)
git_config_backends should now returngit_config_backend_entry objects instead ofgit_config_entry objects. This allows backends to provide a mechanism to nicely free the configuration entries that they provide.
update_refs callback for remotes (ABI breaking change)
Theupdate_refs callback was added to thegit_remote_callbacks structure to provide additional information about updated refs; in particular, thegit_refspec is included for more information about the remote ref. Theupdate_refs callback will be preferred over the now deprecatedupdate_tips callback.

What's Changed

New features

Thegit_signature_default_from_env API will now produce a pair ofgit_signatures representing the author, and the committer, taking theGIT_AUTHOR_NAME andGIT_COMMITTER_NAME environment variables into account. Added by@u-quark in#6706
packbuilder can now be interrupted from a callback. Added@roberth in#6874
libgit2 now claims to honor thepreciousObject repository extension. This extension indicates that the client will never delete objects (in other words, will not garbage collect). libgit2 has no functionality to remove objects, so it implicitly obeys this in all cases. Added by@ethomson in#6886
Push status will be reported even when a push fails. This is useful to give information from the server about possible updates, even when the overall status failed. Added by@yerseg in#6876
You can now generate a thin pack from a mempack instance usinggit_mempack_write_thin_pack. Added by@roberth in#6875
The newLIBGIT2_VERSION_CHECK macro will indicate whether the version of libgit2 being compiled against is at least the version specified. For example:#if LIBGIT2_VERSION_CHECK(1, 6, 3) is true for libgit2 version 1.6.3 or newer. In addition, the newLIBGIT2_VERSION_NUMBER macro will return an integer version representing the libgit2 version number. For example, for version 1.6.3,LIBGIT2_VERSION_NUMBER will evaluate to010603. Added by@HamedMasafi in#6882
Custom X509 certificates can be added to OpenSSL's certificate store using theGIT_OPT_ADD_SSL_X509_CERT option. Added by@yerseg in#6877
The libgit2 compatibility CLI now has agit blame command. Added by@ethomson in#6907
Remote callbacks now provide anupdate_refs callback so that users can now get therefspec of the updated reference during push. This gives more complete information about the remote reference that was updated. Added by@ethomson in#6559
An optional FIPS-compliant mode for hashing is now available; you can set-DUSE_SHA256=OpenSSL-FIPS to enable it. Added by @marcind-dot in#6906
The git-compatible CLI now supports thegit init command, which has been useful in identifying API improvements and incompatibilities with git. Added by@ethomson in#6984
Consumers can now query more information about how libgit2 was compiled, and query the "backends" that libgit2 uses. Added by@ethomson in#6971

Bug fixes

Fix constness issue introduced in#6716 by@ethomson in#6829
odb: conditionalgit_hash_ctx_cleanup ingit_odb_stream by@gensmusic in#6836
Fix shallow root maintenance during fetch by@kcsaul in#6846
Headers cleanup by@anatol in#6842
http: Initializeon_status when using the http-parser backend by@civodul in#6870
Leak intruncate_racily_clean in index.c by@lstoppa in#6884
ssh: Omit port option from ssh command unless specified in remote url by@jayong93 in#6845
diff: print the file header onGIT_DIFF_FORMAT_PATCH_HEADER by@carlosmn in#6888
Add more robust reporting to SecureTransport errors on macos by@vcfxb in#6848
transport: do not filter tags based on ref dir in local by@rindeal in#6881
push: handle tags to blobs by@ethomson in#6898
Fixes for OpenSSL dynamic by@ethomson in#6901
realpath: unbreak build on OpenBSD by@ajacoutot in#6932
util/win32: Continue if access is denied when deleting a folder by@lrm29 in#6929
object:git_object_short_id fails with core.abbrev string values by@lrm29 in#6944
Clear data after negotiation by@lrm29 in#6947
smart: ignore shallow/unshallow packets during ACK processing by@kempniu in#6973

Security fixes

ssh: Include rsa-sha2-256 and rsa-sha2-512 in the list of hostkey types by@lrm29 in#6938
TLS: v1.2 and updated cipher list by@ethomson in#6960

Code cleanups

checkout: make safe checkout the default by@ethomson in#6037
url: track whether url explicitly specified a port by@ethomson in#6851
config: removefree ptr fromgit_config_entry by@ethomson in#6804
Add SecCopyErrorMessageString for iOS and update README for iOS by@Kyle-Ye in#6862
vector: free is now dispose by@ethomson in#6896
hashmap: a libgit2-idiomatic khash by@ethomson in#6897
hashmap: asserts by@ethomson in#6902
hashmap: further asserts by@ethomson in#6904
MakeGIT_WIN32 an internal declaration by@ethomson in#6940
pathspec: additional pathspec wildcard tests by@ethomson in#6959
repo: don't require option whentemplate_path is specified by@ethomson in#6983
options: update X509 cert constant by@ethomson in#6974
remote: Handle fetching negative refspecs by@ryan-ph in#6962
Restore tls v1.0 support temporarily by@ethomson in#6964
SHA256 improvements by@ethomson in#6965