aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* *: Support variable length plumbing.HashPaulo Gomes2023-03-0813-38/+41
| | | | | | | | | | | | The variable length for plumbing.Hash is defined at build time, blocked by tag sha256. This approach was a trade-off between keeping backwards compatibility while making progress towards supporting SHA256 with a small amount of changes. Relates to the SHA256 implementation, defined in #706. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* config: Add Repository Format ExtensionPaulo Gomes2023-03-084-22/+149
| | | | | | Relates to the SHA256 implementation, defined in #706. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* plumbing/hash: Add SHA256 as a supported algorithmPaulo Gomes2023-03-073-0/+33
| | | | | | Relates to #706. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #655 from aymanbagabas/hostkeycallbackPaulo Gomes2023-03-064-43/+101
|\ | | | | fix(ssh): unable to pass a custom HostKeyCallback func
| * fix(ssh): unable to pass a custom HostKeyCallback funcAyman Bagabas2023-03-054-43/+101
| | | | | | | | | | | | | | | | Don't overwrite HostKeyCallback if one is provided. Fixes: c35b8082c863 ("plumbing: transport/ssh, auto-populate ClientConfig.HostKeyAlgorithms. Fixes #411") Fixes: https://github.com/go-git/go-git/issues/654 Signed-off-by: Ayman Bagabas <ayman.bagabas@gmail.com>
* | Merge pull request #701 from pjbgf/buildPaulo Gomes2023-03-064-6/+6
|\ \ | | | | | | ci: Bump GitHub actions, enable go test race detection and stop using developer's GPG keys during test execution
| * | ci: Enable race detection for go testsPaulo Gomes2023-03-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | After the fix of data races in go-billy (go-git/go-billy/pull/28) race detection can be enabled in go-git to ensure no new issues go undetected. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | ci: Bump GitHub actionsPaulo Gomes2023-03-052-4/+4
| | | | | | | | | | | | | | | | | | | | | Removes the error messages: Node.js 12 actions are deprecated. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | tests: Avoid use of user's GPG keys during testsPaulo Gomes2023-03-051-1/+1
|/ / | | | | | | | | | | | | | | | | | | | | | | | | The TestPullAdd test uses git CLI to perform a commit. Contributors with signing enabled globally would have their GPG configuration being used to sign that test commit. This behaviour was transparent for contributors that do not use secure keys which requires physical confirmation. The new behaviour disables GPG signing for that test, which was not required as part of the test. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | Merge pull request #696 from pjbgf/fix-panic-rrPaulo Gomes2023-03-022-35/+50
|\ \ | | | | | | *: Fix panic for empty revisions. Fixes #674
| * | *: Fix panic for empty revisionsPaulo Gomes2023-03-022-35/+50
|/ / | | | | | | Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | Merge pull request #697 from pjbgf/bump-depsPaulo Gomes2023-03-024-17/+21
|\ \ | | | | | | Bump dependencies
| * | build: Reduce git token permissionsPaulo Gomes2023-03-022-0/+6
| | | | | | | | | | | | Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | Bump dependenciesPaulo Gomes2023-03-022-17/+15
|/ / | | | | | | | | | | | | | | | | - github.com/ProtonMail/go-crypto to version 0.0.0-20230217124315-7d5c6f04bbb8. - github.com/acomagu/bufpipe to version 1.0.4. - github.com/go-git/go-billy/v5 to version 5.4.1. - golang.org/x/crypto to version 0.6.0. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | Merge pull request #682 from ThinkChaos/fix/transport-empty-unknown-errPaulo Gomes2023-03-022-1/+15
|\ \ | | | | | | fix: don't use the `firstErrLine` when it is empty
| * | fix: don't use the `firstErrLine` when it is emptyThinkChaos2023-02-212-1/+15
| | | | | | | | | | | | | | | Returning `nil` causes `handleAdvRefDecodeError` to fall back to `io.ErrUnexpectedEOF`.
* | | Merge pull request #684 from go-git/dependabot/go_modules/golang.org/x/net-0.7.0Paulo Gomes2023-03-022-7/+11
|\ \ \ | | | | | | | | build(deps): bump golang.org/x/net from 0.2.0 to 0.7.0
| * | | build(deps): bump golang.org/x/net from 0.2.0 to 0.7.0dependabot[bot]2023-03-022-7/+11
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [golang.org/x/net](https://github.com/golang/net) from 0.2.0 to 0.7.0. - [Release notes](https://github.com/golang/net/releases) - [Commits](https://github.com/golang/net/compare/v0.2.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #692 from pat-nel87/masterMáximo Cuadros2023-03-011-1/+0
|\ \ \ | | | | | | | | _examples: README.md , Remove broken Config link.
| * | | _examples: README.md , Remove broken Config link. pat-nel872023-02-271-1/+0
| |/ / | | | | | | | | | This link is broken and doesn't appear to map to anything current. I propose We remove this link.
* | | Merge pull request #690 from hiddeco/recognize-tag-signaturesv5.6.0Máximo Cuadros2023-02-284-32/+307
|\ \ \ | | | | | | | | plumbing: support SSH/X509 signed tags
| * | | plumbing: support SSH/X509 signed tagsHidde Beydals2023-02-274-32/+307
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit enables support for extracting the SSH and X509 signatures from (annotated) Git tags, as an initial step to support the verification of more signatures than just PGP in go-git. The ported logic from Git further ensures that we look for a signature at the tail of an annotation, instead of the first signature we find in the annotation, as this could theoretically result in a faulty signature getting detected if part of a an annotation itself (e.g. by being placed in the middle as part of an inherited message). For commits, no further change is required as the current extraction of any signature (format) from `gpgsig` in the commit header is sufficient for manual verification. In a future iteration, we could add `signature/ssh` and `signature/x509` packages to further enable people to deal with verifying other signatures than PGP. As well as adding additional methods to `Commit` and `Tag` to provide glue between the packages and the most prominent user-facing APIs. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
* | | Merge pull request #688 from pjbgf/bump-sha1cdMáximo Cuadros2023-02-283-7/+14
|\ \ \ | |/ / |/| | Remove need to build with CGO
| * | Remove need to build with CGOPaulo Gomes2023-02-253-7/+14
|/ / | | | | | | | | | | | | | | | | | | | | | | Follow-up from #618, at the time the Pure Go sha1cd implementation was not performant enough to be the default. This has now changed and the cgo and generic implementations yields similar results. Users are able to override the default implementation, however this seems to be a better default as it does not require the use of CGO during build time. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | ci: update go versionMaximo Cuadros2023-02-052-2/+2
| |
* | git: worktree: check for empty parent dirs during Reset (Fixes #670) (#671)mbohy2023-01-282-10/+90
|/ | | | | | | | | | When we delete dir1/dir2/file1, we currently check if dir2 becomes empty with the deletion of file1, and if so, we delete dir2. If dir1 becomes empty with the deletion of dir2, we don't notice that, and dir1 is left behind. This commit adds a loop to check each parent directory in the file path for emptiness, removing empty directories along the way until a non-empty directory is found (or an error occurs).
* Worktree: Add, fix add removed files. Fixes #223 (#652)v5.5.2Taketoshi Fujiwara2023-01-052-16/+70
|
* Merge pull request #653 from go-git/billyMáximo Cuadros2023-01-052-4/+6
|\ | | | | go.mod: update go-billy v5.4.0, removes races
| * go.mod: update go-billy v5.4.0, removes racesMáximo Cuadros2023-01-052-4/+6
|/
* .github: test, remove coverallsv5.5.1Máximo Cuadros2022-12-111-15/+0
|
* Merge pull request #617 from doxsch/616-update-ssh-agent-to-masterMáximo Cuadros2022-12-112-3/+3
|\ | | | | plumbing: transport/ssh: fix panic on Windows 10 with paegent as ssh-agent
| * fix: Upgrade github.com/xanzy/ssh-agent to v0.3.3 to fix panicdoxsch2022-12-052-3/+3
| |
* | Merge pull request #625 from pjbgf/bump-sha1cd-nocgoMáximo Cuadros2022-12-113-3/+8
|\ \ | | | | | | Fix error when building with `CGO_ENABLED=0`
| * | build: Bump github.com/pjbgf/sha1cd to v0.2.3Paulo Gomes2022-12-032-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | Fixes regression in which applications that depend on go-git could no longer build with CGO_ENABLED=0 or when vendoring dependencies. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | build: Add CI check for CGO_ENABLED=0Paulo Gomes2022-12-021-0/+5
| |/ | | | | | | | | | | | | | | Some applications that depend on go-git may not need to build using CGO. The new test ensures no new regressions going forwards. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | Merge pull request #623 from pjbgf/empty-commitMáximo Cuadros2022-12-114-6/+75
|\ \ | |/ |/| Return error instead of creating empty commits
| * Return error instead of creating empty commitsPaulo Gomes2022-12-034-6/+75
|/ | | | | | | | | | | | | | | | | | | | BuildTree now returns an ErrEmptyCommit error, when there are no changes to be committed. This can be opted-out via CommitOptions.AllowEmptyCommits. This is a breaking change which enables applications to detect when empty commits are to be created. Some instances in which this can occur is when the fs (e.g. `billy/osfs`) make changes to the underlying files, causing a conflict between what the previous Git worktree state was, and the current state. Changes to the fs implementations are orthogonal to this, and will be dealt with separately. The new behaviour aligns with the Git CLI, in which empty commits returns the error message: 'nothing to commit, working tree clean'. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #620 from fluxcd/update-depsv5.5.0Máximo Cuadros2022-11-303-45/+71
|\ | | | | Update dependencies to remove supply chain CVEs
| * build: bump git workflow to Go 1.19Paulo Gomes2022-11-301-1/+1
| | | | | | | | Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * Update dependenciesPaulo Gomes2022-11-302-44/+70
|/ | | | | | | | | | | | | | | | | | | | | | | | | | Mitigates known supply chain CVEs: golang.org/x/crypto: - GO-2021-0356 - GO-2022-0968 golang.org/x/net: - GO-2021-0238 - GO-2022-0236 - GO-2022-0288 - GO-2022-0969 golang.org/x/sys: - GO-2022-0493 golang.org/x/text: - GO-2021-0113 - GO-2022-1059 Updates other dependencies that have no backwards compatibility issues. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Update test.ymlMáximo Cuadros2022-11-291-0/+1
|
* Merge pull request #622 from go-git/test-1.19Máximo Cuadros2022-11-291-3/+3
|\ | | | | .github: update go version
| * .github: update go versionMáximo Cuadros2022-11-291-3/+3
|/
* Merge pull request #618 from fluxcd/collision_detectionMáximo Cuadros2022-11-2910-17/+184
|\ | | | | sha1: Add collision resistent implementation
| * sha1: Add collision resistent implementationPaulo Gomes2022-11-2510-17/+184
|/ | | | | | | | | | | | | | | | | | | Implement the same SHA1 collision resistent algorithm used by both the Git CLI and libgit2. Only commits with input that match the unavoidable bit conditions will be further processed, which will result in different hashes. Which is the same behaviour experienced in the Git CLI and Libgit2. Users can override the hash algorithm used with: hash.RegisterHash(crypto.SHA1, sha1.New) xref links: https://github.com/libgit2/libgit2/pull/4136/commits/2dfd1294f7a694bfa9e864a9489ae3cb318a5ed0 https://github.com/git/git/commit/28dc98e343ca4eb370a29ceec4c19beac9b5c01e Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #503 from jfontan/fix/similarity-matrix-too-bigMáximo Cuadros2022-11-171-1/+7
|\ | | | | plumbing: object, rename calculation uses too much memory
| * plumbing: object, rename calculation uses too much memoryJavi Fontan2022-03-301-1/+7
| | | | | | | | | | | | | | The size of the similarity matrix is not limited and can be quite big when lots of files are deleted and added in a commit. Signed-off-by: Javi Fontan <jfontan@gmail.com>
* | Merge pull request #354 from dowy/issue/#309-clone-branch-with-hash-in-nameMáximo Cuadros2022-11-172-6/+46
|\ \ | | | | | | plumbing: config, Branch name with hash can be cloned. Fixes #309
| * | plumbing: config, fix broken unit testsAdrian Pronk2021-07-261-3/+13
| | |
| * | plumbing: config, support correct escaping as per git-config rulesAdrian Pronk2021-07-252-13/+25
| | |