util: suppress some uninitialized variable warnings

Avoid macro redefinition of ENABLE_INTSAFE_SIGNED_FUNCTIONS

git2: Fix crash when called w/o parameters

Signed-off-by: Sven Strickroth <email@cs-ware.de>

Signed-off-by: Sven Strickroth <email@cs-ware.de>

ci: overwrite nonsense in /usr/local during macOS setup

GitHub Actions has borked their homebrew setup by first `brew
installing` things into `/usr/local` _and then_ putting their
own things in their place (eg `python`).

This breaks Homebrew, since it thinks it has `python` installed, but
it's actually something else.

Try to avoid using things that are in this bad state.

https://github.com/orgs/community/discussions/78266

In C99 functions need to be declared before they are defined.
We could just add the declarations before them, but including the
header allows the compiler to warn if they differ.

remote: fix memory leak in git_remote_download()

Use #!/bin/bash for script with bash-specific commands

connect_opts is created with its custom_headers and proxy_opts->url possibly
allocated on heap, just like in git_remote_fetch(). But unlike in
_fetch(), it is not disposed at the end of the function, thus causing
memory leak.

remote: optionally report unchanged tips

Like in the previous commit and in git, we reject a path that looks like an
option to avoid injection into the command we ask the remote to execute.

If you pass along something like `-oProxyCommand=...` as the hostname, we would
pass that along to ssh unbeknownst to us and potentially also the user, if
they were asking a tool to recursively clone submodules.

This is the same fix as mainline git although they don't separate the username
and host for ssh so ours looks like it's checking more.

This function returns true if the string starts with a `-` as that could be used
to inject options into commands we execute.

We now have no "big single object" that contains thread state.

Now that thread-local error data is handled in error, move the thread
local data out of the `threadstate` object, since it has now become
useless indirection.

Instead of having a separate type for saving state, we can re-use the
`git_error` structure. In practice, saving the error code along with the
`git_error` information has not proven necessary or useful, so it can be
removed to simplify down to re-using a single structure.

Most callers only need to _get_ error messages. Only callers implemented
more complicated functions (like a custom ODB for example) need to set
them.

(Callback users should likely ferry their own error information in their
callback payload.)

Callers want to be able to simply call `git_error_last()->message`,
not have to worry about whether `git_error_last()` returns NULL or not.

The error handling in the ssh certificate callback is straightforward.
There's no error messages from an external library that need to be
saved, we populate the error message ourselves. Since there's nothing
custom here, it does not need to use the error saving mechanism.

Add OpenSSH support

Handle custom paths for OpenSSH.

This helped when troubleshooting issues running the `ci/test.sh` script
locally.

Callers can specify the ssh command to invoke using `core.sshcommand` or
the `GIT_SSH` environment variable. This is useful for specifying
alternate configuration, and is particularly useful for our testing
environment.

Provide both cmdline-style handling (passing it to the shell on POSIX,
or directly to CreateProcess on win32) and execv style (passing it
directly to execv on POSIX, and mangling it into a single command-line
on win32).