aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #697 from pjbgf/bump-depsPaulo Gomes2023-03-024-17/+21
|\ | | | | Bump dependencies
| * build: Reduce git token permissionsPaulo Gomes2023-03-022-0/+6
| | | | | | | | Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * Bump dependenciesPaulo Gomes2023-03-022-17/+15
|/ | | | | | | | | - github.com/ProtonMail/go-crypto to version 0.0.0-20230217124315-7d5c6f04bbb8. - github.com/acomagu/bufpipe to version 1.0.4. - github.com/go-git/go-billy/v5 to version 5.4.1. - golang.org/x/crypto to version 0.6.0. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #682 from ThinkChaos/fix/transport-empty-unknown-errPaulo Gomes2023-03-022-1/+15
|\ | | | | fix: don't use the `firstErrLine` when it is empty
| * fix: don't use the `firstErrLine` when it is emptyThinkChaos2023-02-212-1/+15
| | | | | | | | | | Returning `nil` causes `handleAdvRefDecodeError` to fall back to `io.ErrUnexpectedEOF`.
* | Merge pull request #684 from go-git/dependabot/go_modules/golang.org/x/net-0.7.0Paulo Gomes2023-03-022-7/+11
|\ \ | | | | | | build(deps): bump golang.org/x/net from 0.2.0 to 0.7.0
| * | build(deps): bump golang.org/x/net from 0.2.0 to 0.7.0dependabot[bot]2023-03-022-7/+11
|/ / | | | | | | | | | | | | | | | | | | | | | | | | Bumps [golang.org/x/net](https://github.com/golang/net) from 0.2.0 to 0.7.0. - [Release notes](https://github.com/golang/net/releases) - [Commits](https://github.com/golang/net/compare/v0.2.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #692 from pat-nel87/masterMáximo Cuadros2023-03-011-1/+0
|\ \ | | | | | | _examples: README.md , Remove broken Config link.
| * | _examples: README.md , Remove broken Config link. pat-nel872023-02-271-1/+0
| |/ | | | | | | This link is broken and doesn't appear to map to anything current. I propose We remove this link.
* | Merge pull request #690 from hiddeco/recognize-tag-signaturesv5.6.0Máximo Cuadros2023-02-284-32/+307
|\ \ | | | | | | plumbing: support SSH/X509 signed tags
| * | plumbing: support SSH/X509 signed tagsHidde Beydals2023-02-274-32/+307
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit enables support for extracting the SSH and X509 signatures from (annotated) Git tags, as an initial step to support the verification of more signatures than just PGP in go-git. The ported logic from Git further ensures that we look for a signature at the tail of an annotation, instead of the first signature we find in the annotation, as this could theoretically result in a faulty signature getting detected if part of a an annotation itself (e.g. by being placed in the middle as part of an inherited message). For commits, no further change is required as the current extraction of any signature (format) from `gpgsig` in the commit header is sufficient for manual verification. In a future iteration, we could add `signature/ssh` and `signature/x509` packages to further enable people to deal with verifying other signatures than PGP. As well as adding additional methods to `Commit` and `Tag` to provide glue between the packages and the most prominent user-facing APIs. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
* | Merge pull request #688 from pjbgf/bump-sha1cdMáximo Cuadros2023-02-283-7/+14
|\ \ | |/ |/| Remove need to build with CGO
| * Remove need to build with CGOPaulo Gomes2023-02-253-7/+14
|/ | | | | | | | | | | | Follow-up from #618, at the time the Pure Go sha1cd implementation was not performant enough to be the default. This has now changed and the cgo and generic implementations yields similar results. Users are able to override the default implementation, however this seems to be a better default as it does not require the use of CGO during build time. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* ci: update go versionMaximo Cuadros2023-02-052-2/+2
|
* git: worktree: check for empty parent dirs during Reset (Fixes #670) (#671)mbohy2023-01-282-10/+90
| | | | | | | | | | When we delete dir1/dir2/file1, we currently check if dir2 becomes empty with the deletion of file1, and if so, we delete dir2. If dir1 becomes empty with the deletion of dir2, we don't notice that, and dir1 is left behind. This commit adds a loop to check each parent directory in the file path for emptiness, removing empty directories along the way until a non-empty directory is found (or an error occurs).
* Worktree: Add, fix add removed files. Fixes #223 (#652)v5.5.2Taketoshi Fujiwara2023-01-052-16/+70
|
* Merge pull request #653 from go-git/billyMáximo Cuadros2023-01-052-4/+6
|\ | | | | go.mod: update go-billy v5.4.0, removes races
| * go.mod: update go-billy v5.4.0, removes racesMáximo Cuadros2023-01-052-4/+6
|/
* .github: test, remove coverallsv5.5.1Máximo Cuadros2022-12-111-15/+0
|
* Merge pull request #617 from doxsch/616-update-ssh-agent-to-masterMáximo Cuadros2022-12-112-3/+3
|\ | | | | plumbing: transport/ssh: fix panic on Windows 10 with paegent as ssh-agent
| * fix: Upgrade github.com/xanzy/ssh-agent to v0.3.3 to fix panicdoxsch2022-12-052-3/+3
| |
* | Merge pull request #625 from pjbgf/bump-sha1cd-nocgoMáximo Cuadros2022-12-113-3/+8
|\ \ | | | | | | Fix error when building with `CGO_ENABLED=0`
| * | build: Bump github.com/pjbgf/sha1cd to v0.2.3Paulo Gomes2022-12-032-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | Fixes regression in which applications that depend on go-git could no longer build with CGO_ENABLED=0 or when vendoring dependencies. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | build: Add CI check for CGO_ENABLED=0Paulo Gomes2022-12-021-0/+5
| |/ | | | | | | | | | | | | | | Some applications that depend on go-git may not need to build using CGO. The new test ensures no new regressions going forwards. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | Merge pull request #623 from pjbgf/empty-commitMáximo Cuadros2022-12-114-6/+75
|\ \ | |/ |/| Return error instead of creating empty commits
| * Return error instead of creating empty commitsPaulo Gomes2022-12-034-6/+75
|/ | | | | | | | | | | | | | | | | | | | BuildTree now returns an ErrEmptyCommit error, when there are no changes to be committed. This can be opted-out via CommitOptions.AllowEmptyCommits. This is a breaking change which enables applications to detect when empty commits are to be created. Some instances in which this can occur is when the fs (e.g. `billy/osfs`) make changes to the underlying files, causing a conflict between what the previous Git worktree state was, and the current state. Changes to the fs implementations are orthogonal to this, and will be dealt with separately. The new behaviour aligns with the Git CLI, in which empty commits returns the error message: 'nothing to commit, working tree clean'. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #620 from fluxcd/update-depsv5.5.0Máximo Cuadros2022-11-303-45/+71
|\ | | | | Update dependencies to remove supply chain CVEs
| * build: bump git workflow to Go 1.19Paulo Gomes2022-11-301-1/+1
| | | | | | | | Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * Update dependenciesPaulo Gomes2022-11-302-44/+70
|/ | | | | | | | | | | | | | | | | | | | | | | | | | Mitigates known supply chain CVEs: golang.org/x/crypto: - GO-2021-0356 - GO-2022-0968 golang.org/x/net: - GO-2021-0238 - GO-2022-0236 - GO-2022-0288 - GO-2022-0969 golang.org/x/sys: - GO-2022-0493 golang.org/x/text: - GO-2021-0113 - GO-2022-1059 Updates other dependencies that have no backwards compatibility issues. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Update test.ymlMáximo Cuadros2022-11-291-0/+1
|
* Merge pull request #622 from go-git/test-1.19Máximo Cuadros2022-11-291-3/+3
|\ | | | | .github: update go version
| * .github: update go versionMáximo Cuadros2022-11-291-3/+3
|/
* Merge pull request #618 from fluxcd/collision_detectionMáximo Cuadros2022-11-2910-17/+184
|\ | | | | sha1: Add collision resistent implementation
| * sha1: Add collision resistent implementationPaulo Gomes2022-11-2510-17/+184
|/ | | | | | | | | | | | | | | | | | | Implement the same SHA1 collision resistent algorithm used by both the Git CLI and libgit2. Only commits with input that match the unavoidable bit conditions will be further processed, which will result in different hashes. Which is the same behaviour experienced in the Git CLI and Libgit2. Users can override the hash algorithm used with: hash.RegisterHash(crypto.SHA1, sha1.New) xref links: https://github.com/libgit2/libgit2/pull/4136/commits/2dfd1294f7a694bfa9e864a9489ae3cb318a5ed0 https://github.com/git/git/commit/28dc98e343ca4eb370a29ceec4c19beac9b5c01e Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* Merge pull request #503 from jfontan/fix/similarity-matrix-too-bigMáximo Cuadros2022-11-171-1/+7
|\ | | | | plumbing: object, rename calculation uses too much memory
| * plumbing: object, rename calculation uses too much memoryJavi Fontan2022-03-301-1/+7
| | | | | | | | | | | | | | The size of the similarity matrix is not limited and can be quite big when lots of files are deleted and added in a commit. Signed-off-by: Javi Fontan <jfontan@gmail.com>
* | Merge pull request #354 from dowy/issue/#309-clone-branch-with-hash-in-nameMáximo Cuadros2022-11-172-6/+46
|\ \ | | | | | | plumbing: config, Branch name with hash can be cloned. Fixes #309
| * | plumbing: config, fix broken unit testsAdrian Pronk2021-07-261-3/+13
| | |
| * | plumbing: config, support correct escaping as per git-config rulesAdrian Pronk2021-07-252-13/+25
| | |
| * | plumbing: config, remove duplicated character in setAdrian Pronk2021-07-241-1/+1
| | |
| * | plumbing: config, Branch name with hash can be cloned. Fixes #309Adrian Pronk2021-07-242-1/+19
| | |
* | | Merge pull request #613 from fluxcd/unsupportedMáximo Cuadros2022-11-165-12/+97
|\ \ \ | | | | | | | | Allow unsupported `multi_ack` capability
| * | | Allow unsupported multi_ack capabilityPaulo Gomes2022-11-165-12/+97
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Azure DevOps requires capabilities multi_ack / multi_ack_detailed, which are not fully implemented and by default are included in transport.UnsupportedCapabilities. The initial clone operations require a full download of the repository, and therefore those unsupported capabilities are not as crucial, so by removing them from that list allows for the first clone to work successfully. Additional fetches will yield issues, therefore to support that repository users have to work from a clean clone until those capabilities are fully supported. Commits and pushes back into the repository have also been tested and work fine. This change adds an example for cloning Azure DevOps repositories. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
* | | Merge pull request #586 from blmayer/patch-1Miguel Molina2022-11-071-5/+5
|\ \ \ | | | | | | | | Fixed some little typos
| * | | Fixed some little typosBrian Mayer2022-09-271-5/+5
| | | |
* | | | Merge pull request #598 from To1ne/toon-fix-gitattr-crashMáximo Cuadros2022-11-072-0/+11
|\ \ \ \ | | | | | | | | | | plumbing: gitattributes, Avoid index out of range
| * | | | plumbing: gitattributes, Avoid index out of rangeToon Claes2022-10-122-0/+11
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a path is deeper than the single asterisk pattern the code would crash with a "index out of range". This change checks the length of the remaining pattern before it references an element of that slice. With a single trailing asterisk paths deeper than the pattern should not get the attributes. For example with the following `.gitattributes` file: thirdparty/* linguist-vendored This is how git handles it: $ git check-attr --all thirdparty/README.md thirdparty/README.md: diff: markdown thirdparty/README.md: linguist-vendored: set $ git check-attr --all thirdparty/package/README.md thirdparty/package/README.md: diff: markdown
* | | | Merge pull request #608 from pjbgf/optimise-zlib-readerMáximo Cuadros2022-11-0720-161/+417
|\ \ \ \ | | | | | | | | | | Optimise zlib reader and consolidate sync.Pools
| * | | | tests: Replace time.sleep with eventuallyPaulo Gomes2022-11-071-8/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous approach was intermittently flake, leading to different results based on external results. The check for goroutines numbers now checks for less or equal, as the goal of the assertion is to confirm no goroutine is being leaked. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
| * | | | Optimize zlib reader and consolidate sync.poolsPaulo Gomes2022-11-0719-153/+398
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expands on the optimisations from https://github.com/fluxcd/go-git/pull/5 and ensures that zlib reader does not need to recreate a deflate dictionary at every use. The use of sync pools was consolidated into a new sync utils package. name old time/op new time/op delta Parser-16 7.51ms ± 3% 7.71ms ± 6% ~ (p=0.222 n=5+5) name old alloc/op new alloc/op delta Parser-16 4.65MB ± 3% 1.90MB ± 3% -59.06% (p=0.008 n=5+5) name old allocs/op new allocs/op delta Parser-16 3.48k ± 0% 3.32k ± 0% -4.57% (p=0.016 n=5+4) Signed-off-by: Paulo Gomes <pjbgf@linux.com>