Skip to content

libgit2 v1.9.0

Latest
Latest
Compare
Choose a tag to compare
@ethomson ethomson released this 28 Dec 15:14
· 58 commits to main since this release
v1.9.0
338e6fb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

This is release v1.9.0, "Schwibbogen". As usual, it contains numerous bug fixes, compatibility improvements, and new features.

This is expected to be the final release in the libgit2 v1.x lineage. libgit2 v2.0 is expected to be the next version, with support for SHA256 moving to "supported" status (out of "experimental" status). This means that v2.0 will have API and ABI changes to support SHA256, as well as other breaking changes.

Major changes

  • Documentation improvements
    We've launched a new website for our API reference docs at https://libgit2.org/docs/reference/main. To support this, we've updated the documentation to ensure that all APIs are well-documented, and added docurium-style specifiers to indicate more depth about the API surface.

    We now also publish a JSON blob with the API structure and the documentation that may be helpful for binding authors.

  • TLS cipher updates
    libgit2 has updated our TLS cipher selection to match the "compatibility" cipher suite settings as documented by Mozilla.

  • Blame improvements
    The blame API now contains committer information and commit summaries for blame hunks, and the ability to get information about the line of text that was modified. In addition, a CLI blame command has been added so that the blame functionality can be benchmarked by our benchmark suite.

  • More CLI commands
    libgit2 has added blame and init commands, which have allowed for further benchmarking and several API improvements and git compatibility updates.

  • Warning when configuring without SHA1DC
    Users are encouraged to use SHA1DC, which is git's hash; users should not use SHA1 in the general case. Users will now be warned if they try to configure cmake with a SHA1 backend (-DUSE_SHA1=...).

Breaking changes

There are several ABI-breaking changes that integrators, particularly maintainers of bindings or FFI users, may want to be aware of.

  • Blame hunk structure updates (ABI breaking change)
    There are numerous additions to the git_blame_hunk structure to accommodate more information about the blame process.

  • Checkout strategy updates (ABI breaking change)
    The values for GIT_CHECKOUT_SAFE and GIT_CHECKOUT_NONE have been updated. GIT_CHECKOUT_SAFE is now 0; this was implicitly the default value (with the options constructors setting that as the checkout strategy). It is now the default if the checkout strategy is set to 0. This allows for an overall code simplification in the library.

  • Configuration entry member removal (ABI breaking change)
    The git_config_entry structure no longer contains a free member; this was an oversight as end-users should not try to free that structure.

  • Configuration backend function changes (ABI breaking change)
    git_config_backends should now return git_config_backend_entry objects instead of git_config_entry objects. This allows backends to provide a mechanism to nicely free the configuration entries that they provide.

  • update_refs callback for remotes (ABI breaking change)
    The update_refs callback was added to the git_remote_callbacks structure to provide additional information about updated refs; in particular, the git_refspec is included for more information about the remote ref. The update_refs callback will be preferred over the now deprecated update_tips callback.

What's Changed

New features

  • The git_signature_default_from_env API will now produce a pair of git_signatures representing the author, and the committer, taking the GIT_AUTHOR_NAME and GIT_COMMITTER_NAME environment variables into account. Added by @u-quark in #6706

  • packbuilder can now be interrupted from a callback. Added @roberth in #6874

  • libgit2 now claims to honor the preciousObject repository extension. This extension indicates that the client will never delete objects (in other words, will not garbage collect). libgit2 has no functionality to remove objects, so it implicitly obeys this in all cases. Added by @ethomson in #6886

  • Push status will be reported even when a push fails. This is useful to give information from the server about possible updates, even when the overall status failed. Added by @yerseg in #6876

  • You can now generate a thin pack from a mempack instance using git_mempack_write_thin_pack. Added by @roberth in #6875

  • The new LIBGIT2_VERSION_CHECK macro will indicate whether the version of libgit2 being compiled against is at least the version specified. For example: #if LIBGIT2_VERSION_CHECK(1, 6, 3) is true for libgit2 version 1.6.3 or newer. In addition, the new LIBGIT2_VERSION_NUMBER macro will return an integer version representing the libgit2 version number. For example, for version 1.6.3, LIBGIT2_VERSION_NUMBER will evaluate to 010603. Added by @HamedMasafi in #6882

  • Custom X509 certificates can be added to OpenSSL's certificate store using the GIT_OPT_ADD_SSL_X509_CERT option. Added by @yerseg in #6877

  • The libgit2 compatibility CLI now has a git blame command. Added by @ethomson in #6907

  • Remote callbacks now provide an update_refs callback so that users can now get the refspec of the updated reference during push. This gives more complete information about the remote reference that was updated. Added by @ethomson in #6559

  • An optional FIPS-compliant mode for hashing is now available; you can set -DUSE_SHA256=OpenSSL-FIPS to enable it. Added by @marcind-dot in #6906

  • The git-compatible CLI now supports the git init command, which has been useful in identifying API improvements and incompatibilities with git. Added by @ethomson in #6984

  • Consumers can now query more information about how libgit2 was compiled, and query the "backends" that libgit2 uses. Added by @ethomson in #6971

Bug fixes

  • Fix constness issue introduced in #6716 by @ethomson in #6829
  • odb: conditional git_hash_ctx_cleanup in git_odb_stream by @gensmusic in #6836
  • Fix shallow root maintenance during fetch by @kcsaul in #6846
  • Headers cleanup by @anatol in #6842
  • http: Initialize on_status when using the http-parser backend by @civodul in #6870
  • Leak in truncate_racily_clean in index.c by @lstoppa in #6884
  • ssh: Omit port option from ssh command unless specified in remote url by @jayong93 in #6845
  • diff: print the file header on GIT_DIFF_FORMAT_PATCH_HEADER by @carlosmn in #6888
  • Add more robust reporting to SecureTransport errors on macos by @vcfxb in #6848
  • transport: do not filter tags based on ref dir in local by @rindeal in #6881
  • push: handle tags to blobs by @ethomson in #6898
  • Fixes for OpenSSL dynamic by @ethomson in #6901
  • realpath: unbreak build on OpenBSD by @ajacoutot in #6932
  • util/win32: Continue if access is denied when deleting a folder by @lrm29 in #6929
  • object: git_object_short_id fails with core.abbrev string values by @lrm29 in #6944
  • Clear data after negotiation by @lrm29 in #6947
  • smart: ignore shallow/unshallow packets during ACK processing by @kempniu in #6973

Security fixes

  • ssh: Include rsa-sha2-256 and rsa-sha2-512 in the list of hostkey types by @lrm29 in #6938
  • TLS: v1.2 and updated cipher list by @ethomson in #6960

Code cleanups

Benchmarks

Build and CI improvements

Documentation improvements

Git compatibility fixes

  • Limit .gitattributes and .gitignore files to 100 MiB by @csware in #6834
  • refs: Handle normalizing negative refspecs by @ryan-ph in #6951
  • repo: put a newline on the .git link file by @ethomson in #6981

Dependency updates

Other changes

New Contributors

Full Changelog: v1.8.4...v1.9.0

Contributors

anatol, ehuss, and 25 other contributors
Assets 2
Loading
2 Join discussion