When we moved the logic to handle the first one, wrong loop logic was
kept in place which meant we still finished early. But we now notice it
because we're not reading past the last LF we find.

This was not noticed before as the last field in the tested commit was
multi-line which does not trigger the early break.

Coverity improvements for GITERR_CHECK_ALLOC

When posting our instrumented build results to Coverity we have
to include sensitive information, in particular our authorization
token. Currently we use an unencrypted channel to post this
information, leading to the token being transferred in plain.

Fix this by using a secured connection instead.

Coverity currently lists a lot of errors with regard to
GITERR_CHECK_ALLOC causing resource leaks. We know this macro is
only invoked when we want to abort because we are out of memory.

Coverity allows for overriding the default model where we know
that certain functions guarantee a desired behavior. The
user_nodefs.h is used to override the behavior of macros.
Re-define GITERR_CHECK_ALLOC inside of it to specify its abort
nature.

Introduce git_commit_extract_signature

Coverity fixes

This returns the GPG signature for a commit and its contents without the
signature block, allowing for the verification of the commit's
signature.

commit: also match the first header field when searching

The function `git_packfile_stream_open` tries to free the passed
in stream when an error occurs. The only call site is
`git_indexer_append`, though, which passes in the address of a
stream struct which has not been allocated on the heap.

Fix the issue by simply removing the call to free. In case of an
error we did not allocate any memory yet and otherwise it should
be the caller's responsibility to manage it's object's lifetime.

We were searching only past the first header field, which meant we were
unable to find e.g. `tree` which is the first field.

While here, make sure to set an error message in case we cannot find the
field.

Coverity fixes

Better document `git_merge_commits` redux

`git_merge_commits` and `git_merge` now *do* handle recursive base
building for criss-cross merges.  Remove the documentation that says
that they do not.

This reverts commit 5e44d9bc.

mailmap: add ethomson@github.com

When copying contents of the cURL certiinfo we duplicate the
data but forget to actually put it into the vector.

Introduce Contributor Covenant

Free allocated pointer to curl stream on error

winhttp: name mangle class / iid on mingw

Export git_stash_apply_init_options

Fix typo

Fix a typo in documentation

Standard Windows type systems define CLSID_InternetSecurityManager
and IID_IInternetSecurityManager, but MinGW lacks these definitions.
As a result, we must hardcode these definitions ourselves.  However,
we should not use a public struct with those names, lest another
library do the same thing and consumers cannot link to both.

Make packfile_unpack_compressed a private API

Fix some issues with generated pkg-config file

ssh_stream_read(): fix possible *bytes_read < 0 branch