- 31 Aug, 2021 4 commits
-
-
This change fixes a possible null pointer dereference if anything inside `git_commit_graph_writer_add_index_file` fails before the packfile being valid. https://scan6.coverity.com/reports.htm#v52218/p10377/fileInstanceId=122935896&defectInstanceId=32525576&mergedDefectId=1461634
lhchavez committed -
Edward Thomson committed
-
Edward Thomson committed
-
Fix worktree iteration when repository has no common directory
Edward Thomson committed
-
- 30 Aug, 2021 28 commits
-
-
Set Host Header to match CONNECT authority target
Edward Thomson committed -
Edward Thomson committed
-
Edward Thomson committed
-
Prior to this change, for CONNECT requests, the Host header was set to the host and port of the target http proxy. However, per the rfc7230 for HTTP/1.1 this is incorrect as the Host header should match the target of the CONNECT request, as detailed in section 5.3.3 & 5.4. 5.3.3. authority-form The authority-form of request-target is only used for CONNECT requests (Section 4.3.6 of [RFC7231]). authority-form = authority When making a CONNECT request to establish a tunnel through one or more proxies, a client MUST send only the target URI's authority component (excluding any userinfo and its "@" delimiter) as the request-target. For example, CONNECT www.example.com:80 HTTP/1.1 5.4. Host <snip> A client MUST send a Host header field in all HTTP/1.1 request messages. If the target URI includes an authority component, then a client MUST send a field-value for Host that is identical to that authority component, excluding any userinfo subcomponent and its "@" delimiter (Section 2.7.1). If the authority component is missing or undefined for the target URI, then a client MUST send a Host header field with an empty field-value. This issue was noticed when proxying requests through HAProxy 2.2 which rejects these invalid http requests.
Jesse Hathaway committed -
Fixes from code analysis
Edward Thomson committed -
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
buf: deprecate public git_buf writing functions
Edward Thomson committed -
filter: filter drivers stop taking git_buf as user input
Edward Thomson committed -
Introduce `create_commit_cb`, deprecate `signing_cb`
Edward Thomson committed -
remote: introduce remote_ready_cb, deprecate resolve_url callback
Edward Thomson committed -
opts: test GIT_OPT_SET_SSL_CERT_LOCATIONS
Edward Thomson committed -
fixes #6003
Zachary Michaels committed -
Include a self-signed certificate for test.libgit2.org:1443 that we can use to verify that GIT_OPT_SET_SSL_CERT_LOCATIONS works.
Edward Thomson committed -
lhchavez committed
-
Checkout dry-run
Edward Thomson committed -
Edward Thomson committed
-
midx: Introduce git_odb_write_multi_pack_index()
Edward Thomson committed -
Use error code GIT_EAUTH for authentication failures
Edward Thomson committed -
Edward Thomson committed
-
midx: Add a way to write multi-pack-index files
Edward Thomson committed -
Edward Thomson committed
-
Edward Thomson committed
-
- 29 Aug, 2021 8 commits
-
-
A `git_buf` is now a read-only structure as far as callers are concerned. This is a mechanism that we can return data to callers using memory that is owned by the library and can be cleaned up by callers (using `git_buf_dispose`). A `git_buf` can no longer be allocated by callers or provided to the library.
Edward Thomson committed -
Edward Thomson committed
-
Using a callback to set a resolve_url is not particularly idiomatic. Deprecate it in favor of the `set_instance_url` and `set_instance_pushurl` functions which can now be called from the `git_remote_ready_cb` callback.
Edward Thomson committed -
Introduce a new callback that fires when the remote is ready to connect.
Edward Thomson committed -
The signing callback should not be used; instead, callers should provide a commit_create_cb, perform the signing and commit creation themselves.
Edward Thomson committed -
Introduce a new mechanism for `git_rebase_commit` for callers to customize the experience. Instead of assuming that we produce the commit for them, provide a commit creation callback that allows callers to produce the commit themselves and return the resulting commit id.
Edward Thomson committed -
Edward Thomson committed
-
Peter Pettersson committed
-