Resolving of symbolic references is currently implemented inside the
"refs" layer. As a result, it's hard to call this function from
low-level parts that only have a refdb available, but no repository, as
the "refs" layer always operates on the repository-level. So let's move
the function into the generic "refdb" implementation to lift this
restriction.

There's two tests that create a commit signature, but never make any use
of it. Let's remove these to avoid any confusion.

The logic to determine whether a reflog entry should be for the HEAD
reference is non-trivial. Currently, the only user of this is the
filesystem-based refdb, but with the advent of the reftable refdb we're
going to add a second user that's interested in having the same
behaviour.

Let's pull out a new function that checks whether a given reference
should cause a entry to be written to the HEAD reflog as a preparatory
step.

The logic to determine whether a reflog should be written is
non-trivial. Currently, the only user of this is the filesystem-based
refdb, but with the advent of the reftable refdb we're going to add a
second user that's interested in having the same behaviour.

Let's pull out a new function that checks whether a given reference
should cause a reflog to be written as a preparatory step.

Make the tests run cleanly under UndefinedBehaviorSanitizer

Make the tests pass cleanly with MemorySanitizer

Enable building git2.rc resource script with GCC

Make NTLMClient Memory and UndefinedBehavior Sanitizer-clean

Fix the default LIBGIT2_FILENAME for GNU windres

This change makes the code pass the libgit2 tests cleanly when
MSan/UBSan are enabled. Notably:

* Changes malloc/memset combos into calloc for easier auditing.
* Makes `write_buf` return early if the buffer length is empty to avoid
  arithmetic with NULL pointers (which UBSan does not like).
* Initializes a few arrays that were sometimes being read before being
  written to.

This change:

* Initializes a few variables that were being read before being
  initialized.
* Includes https://github.com/madler/zlib/pull/393. As such,
  it only works reliably with `-DUSE_BUNDLED_ZLIB=ON`.

This change makes the tests run cleanly under
`-fsanitize=undefined,nullability` and comprises of:

* Avoids some arithmetic with NULL pointers (which UBSan does not like).
* Avoids an overflow in a shift, due to an uint8_t being implicitly
  converted to a signed 32-bit signed integer after being shifted by a
  32-bit signed integer.
* Avoids a unaligned read in libgit2.
* Ignores unaligned reads in the SHA1 library, since it only happens on
  Intel processors, where it is _still_ undefined behavior, but the
  semantics are moderately well-understood.

Of notable omission is `-fsanitize=integer`, since there are lots of
warnings in zlib and the SHA1 library which probably don't make sense to
fix and I could not figure out how to silence easily. libgit2 itself
also has ~100s of warnings which are mostly innocuous (e.g. use of enum
constants that only fit on an `uint32_t`, but there is no way to do that
in a simple fashion because the data type chosen for enumerated types is
implementation-defined), and investigating whether there are worrying
warnings would need reducing the noise significantly.

Random fixes for diff-printing

index: Update the documentation for git_index_add_from_buffer()

We currently don't check for out-of-memory situations on exiting
`format_binary` and, as a result, may return a partially filled buffer.
Fix this by checking the buffer via `git_buf_oom`.

Calling abort(3P) in a library is rather rude and shouldn't happen, as
we effectively prohibit any corrective actions made by the application
linking to it. We thus shouldn't call it at all, but instead use our new
`GIT_ASSERT` macros.

Remove the call to abort(3P) in case a diff delta has an unexpected type
to fix this.

When printing the diff to a `FILE *` handle, we neither check the return
value of fputc(3P) nor the one of fwrite(3P). As a result, we'll
silently return successful even if we didn't print anything at all.
Futhermore, the arguments to fwrite(3P) are reversed: we have one item
of length `content_len`, and not `content_len` items of one byte.

Fix both issues by checking return values as well as reversing the
arguments to fwrite(3P).

Introduce CI with GitHub Actions

Add CI using GitHub Actions and GitHub Packages:

* This moves our Linux build containers into GitHub Packages; we will
  identify the most recent commit that updated the docker descriptions,
  and then look for a docker image in libgit2's GitHub Packages registry
  for a container with the tag corresponding to that description.  If
  there is not one, we will build the container and then push it to
  GitHub Packages.

* We no longer need to manage authentication with our own credentials or
  PAT tokens.  GitHub Actions provides a GITHUB_TOKEN that can publish
  artifacts, packages and commits to our repository within a workflow
  run.

* We will use a matrix to build our various CI steps.  This allows us
  to keep configuration in a single place without multiple YAML files.

Random code cleanups and fixes

examples: log: fix documentation generation

The xenial image depends on ubuntu:xenial; the bionic one on
ubuntu:bionic.  No need for this to be a variable, that's just
additional (unnecessary) state to manage in the CI setup(s).

Azure Pipelines has a version of zlib hanging out on the filesystem;
avoid trying to use it as it's either 64 _or_ 32 bit, so exactly one of
our builds will fail.

Missing declarations

Over time, we have accumulated quite a lot of functions with missing
prototypes, missing `static` keywords or which were completely unused.
It's easy to miss these mistakes, but luckily GCC and Clang both have
the `-Wmissing-declarations` warning. Enabling this will cause them to
emit warnings for every not-static function that doesn't have a previous
declaration. This is a very sane thing to enable, and with the preceding
commits all these new warnings have been fixed.

So let's always enable this warning so we won't introduce new instances
of them.

The function `git_reference__is_note` is not declared anywhere. Let's
add the declaration to avoid having non-static functions without
declaration.

When compiling libgit2 with -DDEPRECATE_HARD, we add a preprocessor
definition `GIT_DEPRECATE_HARD` which causes the "git2/deprecated.h"
header to be empty. As a result, no function declarations are made
available to callers, but the implementations are still available to
link against. This has the problem that function declarations also
aren't visible to the implementations, meaning that the symbol's
visibility will not be set up correctly. As a result, the resulting
library may not expose those deprecated symbols at all on some platforms
and thus cause linking errors.

Fix the issue by conditionally compiling deprecated functions, only.
While it becomes impossible to link against such a library in case one
uses deprecated functions, distributors of libgit2 aren't expected to
pass -DDEPRECATE_HARD anyway. Instead, users of libgit2 should manually
define GIT_DEPRECATE_HARD to hide deprecated functions. Using "real"
hard deprecation still makes sense in the context of CI to test we don't
use deprecated symbols ourselves and in case a dependant uses libgit2 in
a vendored way and knows it won't ever use any of the deprecated symbols
anyway.

We're missing some header includes leading to missing function
prototypes. While we currently don't warn about these, we should have
their respective headers included in order to detect the case where a
function signature change results in an incompatibility.

We've accumulated quite some functions which are never used outside of
their respective code unit, but which are lacking the `static` keyword.
Add it to reduce their linkage scope and allow the compiler to optimize
better.

We have some functions which aren't used anywhere. Let's remove them to
get rid of unneeded baggage.

Docurium seems to be confused by our use of `/** comment */;` use in the
log example. Let's just switch it around to help Docurium get this
right.

With commit 05f69012 (checkout: remove blocking dir when FORCEd,
2015-03-31), the last case was removde that actually queued a deferred
removal. This is now more than five years in the past and nobody
complained, so we can rest quite assured that the deferred removal is
not really needed at all.

Let's remove all related code to simplify the already complicated
checkout logic.

The coding style of the testcase refs::create::propagate_eexists is not
really up-to-date. Convert it to use a more modern coding style.

When extracting curly braces (e.g. the "upstream" part in
"HEAD@{upstream}"), we put the curly braces' contents into a `git_buf`
structure, but don't check the return value of `git_buf_putc`. So when
we run out-of-memory, we'll use a partially filled buffer without
noticing.

Let's fix this issue by checking `git_buf_putc`'s return value.