The package rpms/git.git has added or updated architecture specific content in its
spec file (ExclusiveArch/ExcludeArch or %ifarch/%ifnarch) in commit(s):
https://src.fedoraproject.org/cgit/rpms/git.git/commit/?id=f0106d7c9a6f80....
Change:
+%ifarch s390x && 0%{?rhel} == 8
Thanks.
Full change:
============
commit dbec023603a5a5ced85a0192a02bc88f39ac820c
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Mon Apr 18 14:11:02 2022 -0400
update to 2.36.0
Release notes:
https://github.com/git/git/raw/v2.36.0/Documentation/RelNotes/2.36.0.txt
diff --git a/0001-t0033-add-tests-for-safe.directory.patch
b/0001-t0033-add-tests-for-safe.directory.patch
deleted file mode 100644
index 6774b37..0000000
--- a/0001-t0033-add-tests-for-safe.directory.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From e47363e5a8bdf5144059d664c45c0975243ef05b Mon Sep 17 00:00:00 2001
-From: Derrick Stolee <derrickstolee(a)github.com>
-Date: Wed, 13 Apr 2022 15:32:29 +0000
-Subject: [PATCH 1/3] t0033: add tests for safe.directory
-
-It is difficult to change the ownership on a directory in our test
-suite, so insert a new GIT_TEST_ASSUME_DIFFERENT_OWNER environment
-variable to trick Git into thinking we are in a differently-owned
-directory. This allows us to test that the config is parsed correctly.
-
-Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
-Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
----
- setup.c | 3 ++-
- t/t0033-safe-directory.sh | 34 ++++++++++++++++++++++++++++++++++
- 2 files changed, 36 insertions(+), 1 deletion(-)
- create mode 100755 t/t0033-safe-directory.sh
-
-diff --git a/setup.c b/setup.c
-index 95d5b00940..3c6ed17af9 100644
---- a/setup.c
-+++ b/setup.c
-@@ -1053,7 +1053,8 @@ static int ensure_valid_ownership(const char *path)
- {
- struct safe_directory_data data = { .path = path };
-
-- if (is_path_owned_by_current_user(path))
-+ if (!git_env_bool("GIT_TEST_ASSUME_DIFFERENT_OWNER", 0) &&
-+ is_path_owned_by_current_user(path))
- return 1;
-
- read_very_early_config(safe_directory_cb, &data);
-diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
-new file mode 100755
-index 0000000000..9380ff3d01
---- /dev/null
-+++ b/t/t0033-safe-directory.sh
-@@ -0,0 +1,34 @@
-+#!/bin/sh
-+
-+test_description='verify safe.directory checks'
-+
-+. ./test-lib.sh
-+
-+GIT_TEST_ASSUME_DIFFERENT_OWNER=1
-+export GIT_TEST_ASSUME_DIFFERENT_OWNER
-+
-+expect_rejected_dir () {
-+ test_must_fail git status 2>err &&
-+ grep "safe.directory" err
-+}
-+
-+test_expect_success 'safe.directory is not set' '
-+ expect_rejected_dir
-+'
-+
-+test_expect_success 'safe.directory does not match' '
-+ git config --global safe.directory bogus &&
-+ expect_rejected_dir
-+'
-+
-+test_expect_success 'safe.directory matches' '
-+ git config --global --add safe.directory "$(pwd)" &&
-+ git status
-+'
-+
-+test_expect_success 'safe.directory matches, but is reset' '
-+ git config --global --add safe.directory "" &&
-+ expect_rejected_dir
-+'
-+
-+test_done
diff --git a/0002-setup-fix-safe.directory-key-not-being-checked.patch
b/0002-setup-fix-safe.directory-key-not-being-checked.patch
deleted file mode 100644
index d53a5f2..0000000
--- a/0002-setup-fix-safe.directory-key-not-being-checked.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From bb50ec3cc300eeff3aba7a2bea145aabdb477d31 Mon Sep 17 00:00:00 2001
-From: Matheus Valadares <me(a)m28.io>
-Date: Wed, 13 Apr 2022 15:32:30 +0000
-Subject: [PATCH 2/3] setup: fix safe.directory key not being checked
-
-It seems that nothing is ever checking to make sure the safe directories
-in the configs actually have the key safe.directory, so some unrelated
-config that has a value with a certain directory would also make it a
-safe directory.
-
-Signed-off-by: Matheus Valadares <me(a)m28.io>
-Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
-Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
----
- setup.c | 3 +++
- t/t0033-safe-directory.sh | 5 +++++
- 2 files changed, 8 insertions(+)
-
-diff --git a/setup.c b/setup.c
-index 3c6ed17af9..4b9f073617 100644
---- a/setup.c
-+++ b/setup.c
-@@ -1034,6 +1034,9 @@ static int safe_directory_cb(const char *key, const char *value,
void *d)
- {
- struct safe_directory_data *data = d;
-
-+ if (strcmp(key, "safe.directory"))
-+ return 0;
-+
- if (!value || !*value)
- data->is_safe = 0;
- else {
-diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
-index 9380ff3d01..6f33c0dfef 100755
---- a/t/t0033-safe-directory.sh
-+++ b/t/t0033-safe-directory.sh
-@@ -21,6 +21,11 @@ test_expect_success 'safe.directory does not match' '
- expect_rejected_dir
- '
-
-+test_expect_success 'path exist as different key' '
-+ git config --global foo.bar "$(pwd)" &&
-+ expect_rejected_dir
-+'
-+
- test_expect_success 'safe.directory matches' '
- git config --global --add safe.directory "$(pwd)" &&
- git status
diff --git a/0003-setup-opt-out-of-check-with-safe.directory.patch
b/0003-setup-opt-out-of-check-with-safe.directory.patch
deleted file mode 100644
index b734d9e..0000000
--- a/0003-setup-opt-out-of-check-with-safe.directory.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 0f85c4a30b072a26d74af8bbf63cc8f6a5dfc1b8 Mon Sep 17 00:00:00 2001
-From: Derrick Stolee <derrickstolee(a)github.com>
-Date: Wed, 13 Apr 2022 15:32:31 +0000
-Subject: [PATCH 3/3] setup: opt-out of check with safe.directory=*
-
-With the addition of the safe.directory in 8959555ce
-(setup_git_directory(): add an owner check for the top-level directory,
-2022-03-02) released in v2.35.2, we are receiving feedback from a
-variety of users about the feature.
-
-Some users have a very large list of shared repositories and find it
-cumbersome to add this config for every one of them.
-
-In a more difficult case, certain workflows involve running Git commands
-within containers. The container boundary prevents any global or system
-config from communicating `safe.directory` values from the host into the
-container. Further, the container almost always runs as a different user
-than the owner of the directory in the host.
-
-To simplify the reactions necessary for these users, extend the
-definition of the safe.directory config value to include a possible '*'
-value. This value implies that all directories are safe, providing a
-single setting to opt-out of this protection.
-
-Note that an empty assignment of safe.directory clears all previous
-values, and this is already the case with the "if (!value || !*value)"
-condition.
-
-Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
-Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
----
- Documentation/config/safe.txt | 7 +++++++
- setup.c | 6 ++++--
- t/t0033-safe-directory.sh | 10 ++++++++++
- 3 files changed, 21 insertions(+), 2 deletions(-)
-
-diff --git a/Documentation/config/safe.txt b/Documentation/config/safe.txt
-index 63597b2df8..6d764fe0cc 100644
---- a/Documentation/config/safe.txt
-+++ b/Documentation/config/safe.txt
-@@ -19,3 +19,10 @@ line option `-c safe.directory=<path>`.
- The value of this setting is interpolated, i.e. `~/<path>` expands to a
- path relative to the home directory and `%(prefix)/<path>` expands to a
- path relative to Git's (runtime) prefix.
-++
-+To completely opt-out of this security check, set `safe.directory` to the
-+string `*`. This will allow all repositories to be treated as if their
-+directory was listed in the `safe.directory` list. If `safe.directory=*`
-+is set in system config and you want to re-enable this protection, then
-+initialize your list with an empty value before listing the repositories
-+that you deem safe.
-diff --git a/setup.c b/setup.c
-index 4b9f073617..aad9ace0af 100644
---- a/setup.c
-+++ b/setup.c
-@@ -1037,9 +1037,11 @@ static int safe_directory_cb(const char *key, const char *value,
void *d)
- if (strcmp(key, "safe.directory"))
- return 0;
-
-- if (!value || !*value)
-+ if (!value || !*value) {
- data->is_safe = 0;
-- else {
-+ } else if (!strcmp(value, "*")) {
-+ data->is_safe = 1;
-+ } else {
- const char *interpolated = NULL;
-
- if (!git_config_pathname(&interpolated, key, value) &&
-diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
-index 6f33c0dfef..239d93f4d2 100755
---- a/t/t0033-safe-directory.sh
-+++ b/t/t0033-safe-directory.sh
-@@ -36,4 +36,14 @@ test_expect_success 'safe.directory matches, but is reset'
'
- expect_rejected_dir
- '
-
-+test_expect_success 'safe.directory=*' '
-+ git config --global --add safe.directory "*" &&
-+ git status
-+'
-+
-+test_expect_success 'safe.directory=*, but is reset' '
-+ git config --global --add safe.directory "" &&
-+ expect_rejected_dir
-+'
-+
- test_done
diff --git a/git.spec b/git.spec
index 4060513..250761b 100644
--- a/git.spec
+++ b/git.spec
@@ -77,14 +77,14 @@
%endif
# Define for release candidates
-%global rcrev .rc2
+#global rcrev .rc0
# Set path to the package-notes linker script
%global _package_note_file
%{_builddir}/%{name}-%{version}%{?rcrev}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
Name: git
Version: 2.36.0
-Release: 0.3%{?rcrev}%{?dist}
+Release: 1%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
URL:
https://git-scm.com/
@@ -116,11 +116,6 @@ Source99: print-failed-test-output
#
https://bugzilla.redhat.com/490602
Patch0: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
-# Usability improvements on top of CVE-2022-24765
-Patch1: 0001-t0033-add-tests-for-safe.directory.patch
-Patch2: 0002-setup-fix-safe.directory-key-not-being-checked.patch
-Patch3: 0003-setup-opt-out-of-check-with-safe.directory.patch
-
%if %{with docs}
# pod2man is needed to build Git.3pm
BuildRequires: %{_bindir}/pod2man
@@ -1041,6 +1036,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
+* Mon Apr 18 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-1
+- update to 2.36.0
+
* Thu Apr 14 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.3.rc2
- usability improvements on top of CVE-2022-24765
diff --git a/sources b/sources
index 134454c..07711e7 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.36.0.rc2.tar.xz) =
dfdd49fc7d25c6e2c4291afd5e9c234f4180226d9219cb6e70328dfdeb585a982a2f3b375ede578570825fff9f68ea126b3342512644906dc4333f9f953fe4a3
-SHA512 (git-2.36.0.rc2.tar.sign) =
8b7abfabd47f2be269717e6eb832bcdecf502efc11caa8533a3851e7fbd21e41644322d0784e73efc4dfd5bf4bc1b1094f8dedbd72758e7522b12d045507618c
+SHA512 (git-2.36.0.tar.xz) =
dce0d7dbe684af070271830a01bf1b9cc289182f5106f6e3303b1b3a0d5dc74bebf6ac0174373db05a28f5acc62acb095bc9385dabeeecc1d6e8567dce29b766
+SHA512 (git-2.36.0.tar.sign) =
51343a6443a95db4e896687987876d5259fe8e52fc14bbaa87314f7e3be3e36655d087c6453ca8208face5b28db10b503e5e52487cfa3f3664d2b4a761561815
commit 59a5ed4cff3a6d1b398ca56cd04542b60b97a87a
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Wed Apr 13 21:35:36 2022 -0400
usability improvements on top of CVE-2022-24765
Per the release announcement¹, these patches...
address usability issues in the recent releases 'v2.35.2',
'v2.34.2', 'v2.33.2', 'v2.32.1', 'v2.31.2', and
'v2.30.3', where
each "safe" directory has to be listed on the safe.directory
configuration variables. A broader escape hatch has been added so
that the value '*' can be used to declare "my colleagues and their
repositories I may ever visit are all trustworthy".
¹
https://lore.kernel.org/git/xmqq1qy04iqa.fsf@gitster.g/
diff --git a/0001-t0033-add-tests-for-safe.directory.patch
b/0001-t0033-add-tests-for-safe.directory.patch
new file mode 100644
index 0000000..6774b37
--- /dev/null
+++ b/0001-t0033-add-tests-for-safe.directory.patch
@@ -0,0 +1,72 @@
+From e47363e5a8bdf5144059d664c45c0975243ef05b Mon Sep 17 00:00:00 2001
+From: Derrick Stolee <derrickstolee(a)github.com>
+Date: Wed, 13 Apr 2022 15:32:29 +0000
+Subject: [PATCH 1/3] t0033: add tests for safe.directory
+
+It is difficult to change the ownership on a directory in our test
+suite, so insert a new GIT_TEST_ASSUME_DIFFERENT_OWNER environment
+variable to trick Git into thinking we are in a differently-owned
+directory. This allows us to test that the config is parsed correctly.
+
+Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
+Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
+---
+ setup.c | 3 ++-
+ t/t0033-safe-directory.sh | 34 ++++++++++++++++++++++++++++++++++
+ 2 files changed, 36 insertions(+), 1 deletion(-)
+ create mode 100755 t/t0033-safe-directory.sh
+
+diff --git a/setup.c b/setup.c
+index 95d5b00940..3c6ed17af9 100644
+--- a/setup.c
++++ b/setup.c
+@@ -1053,7 +1053,8 @@ static int ensure_valid_ownership(const char *path)
+ {
+ struct safe_directory_data data = { .path = path };
+
+- if (is_path_owned_by_current_user(path))
++ if (!git_env_bool("GIT_TEST_ASSUME_DIFFERENT_OWNER", 0) &&
++ is_path_owned_by_current_user(path))
+ return 1;
+
+ read_very_early_config(safe_directory_cb, &data);
+diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
+new file mode 100755
+index 0000000000..9380ff3d01
+--- /dev/null
++++ b/t/t0033-safe-directory.sh
+@@ -0,0 +1,34 @@
++#!/bin/sh
++
++test_description='verify safe.directory checks'
++
++. ./test-lib.sh
++
++GIT_TEST_ASSUME_DIFFERENT_OWNER=1
++export GIT_TEST_ASSUME_DIFFERENT_OWNER
++
++expect_rejected_dir () {
++ test_must_fail git status 2>err &&
++ grep "safe.directory" err
++}
++
++test_expect_success 'safe.directory is not set' '
++ expect_rejected_dir
++'
++
++test_expect_success 'safe.directory does not match' '
++ git config --global safe.directory bogus &&
++ expect_rejected_dir
++'
++
++test_expect_success 'safe.directory matches' '
++ git config --global --add safe.directory "$(pwd)" &&
++ git status
++'
++
++test_expect_success 'safe.directory matches, but is reset' '
++ git config --global --add safe.directory "" &&
++ expect_rejected_dir
++'
++
++test_done
diff --git a/0002-setup-fix-safe.directory-key-not-being-checked.patch
b/0002-setup-fix-safe.directory-key-not-being-checked.patch
new file mode 100644
index 0000000..d53a5f2
--- /dev/null
+++ b/0002-setup-fix-safe.directory-key-not-being-checked.patch
@@ -0,0 +1,48 @@
+From bb50ec3cc300eeff3aba7a2bea145aabdb477d31 Mon Sep 17 00:00:00 2001
+From: Matheus Valadares <me(a)m28.io>
+Date: Wed, 13 Apr 2022 15:32:30 +0000
+Subject: [PATCH 2/3] setup: fix safe.directory key not being checked
+
+It seems that nothing is ever checking to make sure the safe directories
+in the configs actually have the key safe.directory, so some unrelated
+config that has a value with a certain directory would also make it a
+safe directory.
+
+Signed-off-by: Matheus Valadares <me(a)m28.io>
+Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
+Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
+---
+ setup.c | 3 +++
+ t/t0033-safe-directory.sh | 5 +++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/setup.c b/setup.c
+index 3c6ed17af9..4b9f073617 100644
+--- a/setup.c
++++ b/setup.c
+@@ -1034,6 +1034,9 @@ static int safe_directory_cb(const char *key, const char *value,
void *d)
+ {
+ struct safe_directory_data *data = d;
+
++ if (strcmp(key, "safe.directory"))
++ return 0;
++
+ if (!value || !*value)
+ data->is_safe = 0;
+ else {
+diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
+index 9380ff3d01..6f33c0dfef 100755
+--- a/t/t0033-safe-directory.sh
++++ b/t/t0033-safe-directory.sh
+@@ -21,6 +21,11 @@ test_expect_success 'safe.directory does not match' '
+ expect_rejected_dir
+ '
+
++test_expect_success 'path exist as different key' '
++ git config --global foo.bar "$(pwd)" &&
++ expect_rejected_dir
++'
++
+ test_expect_success 'safe.directory matches' '
+ git config --global --add safe.directory "$(pwd)" &&
+ git status
diff --git a/0003-setup-opt-out-of-check-with-safe.directory.patch
b/0003-setup-opt-out-of-check-with-safe.directory.patch
new file mode 100644
index 0000000..b734d9e
--- /dev/null
+++ b/0003-setup-opt-out-of-check-with-safe.directory.patch
@@ -0,0 +1,88 @@
+From 0f85c4a30b072a26d74af8bbf63cc8f6a5dfc1b8 Mon Sep 17 00:00:00 2001
+From: Derrick Stolee <derrickstolee(a)github.com>
+Date: Wed, 13 Apr 2022 15:32:31 +0000
+Subject: [PATCH 3/3] setup: opt-out of check with safe.directory=*
+
+With the addition of the safe.directory in 8959555ce
+(setup_git_directory(): add an owner check for the top-level directory,
+2022-03-02) released in v2.35.2, we are receiving feedback from a
+variety of users about the feature.
+
+Some users have a very large list of shared repositories and find it
+cumbersome to add this config for every one of them.
+
+In a more difficult case, certain workflows involve running Git commands
+within containers. The container boundary prevents any global or system
+config from communicating `safe.directory` values from the host into the
+container. Further, the container almost always runs as a different user
+than the owner of the directory in the host.
+
+To simplify the reactions necessary for these users, extend the
+definition of the safe.directory config value to include a possible '*'
+value. This value implies that all directories are safe, providing a
+single setting to opt-out of this protection.
+
+Note that an empty assignment of safe.directory clears all previous
+values, and this is already the case with the "if (!value || !*value)"
+condition.
+
+Signed-off-by: Derrick Stolee <derrickstolee(a)github.com>
+Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
+---
+ Documentation/config/safe.txt | 7 +++++++
+ setup.c | 6 ++++--
+ t/t0033-safe-directory.sh | 10 ++++++++++
+ 3 files changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/Documentation/config/safe.txt b/Documentation/config/safe.txt
+index 63597b2df8..6d764fe0cc 100644
+--- a/Documentation/config/safe.txt
++++ b/Documentation/config/safe.txt
+@@ -19,3 +19,10 @@ line option `-c safe.directory=<path>`.
+ The value of this setting is interpolated, i.e. `~/<path>` expands to a
+ path relative to the home directory and `%(prefix)/<path>` expands to a
+ path relative to Git's (runtime) prefix.
+++
++To completely opt-out of this security check, set `safe.directory` to the
++string `*`. This will allow all repositories to be treated as if their
++directory was listed in the `safe.directory` list. If `safe.directory=*`
++is set in system config and you want to re-enable this protection, then
++initialize your list with an empty value before listing the repositories
++that you deem safe.
+diff --git a/setup.c b/setup.c
+index 4b9f073617..aad9ace0af 100644
+--- a/setup.c
++++ b/setup.c
+@@ -1037,9 +1037,11 @@ static int safe_directory_cb(const char *key, const char *value,
void *d)
+ if (strcmp(key, "safe.directory"))
+ return 0;
+
+- if (!value || !*value)
++ if (!value || !*value) {
+ data->is_safe = 0;
+- else {
++ } else if (!strcmp(value, "*")) {
++ data->is_safe = 1;
++ } else {
+ const char *interpolated = NULL;
+
+ if (!git_config_pathname(&interpolated, key, value) &&
+diff --git a/t/t0033-safe-directory.sh b/t/t0033-safe-directory.sh
+index 6f33c0dfef..239d93f4d2 100755
+--- a/t/t0033-safe-directory.sh
++++ b/t/t0033-safe-directory.sh
+@@ -36,4 +36,14 @@ test_expect_success 'safe.directory matches, but is reset'
'
+ expect_rejected_dir
+ '
+
++test_expect_success 'safe.directory=*' '
++ git config --global --add safe.directory "*" &&
++ git status
++'
++
++test_expect_success 'safe.directory=*, but is reset' '
++ git config --global --add safe.directory "" &&
++ expect_rejected_dir
++'
++
+ test_done
diff --git a/git.spec b/git.spec
index 16a265a..4060513 100644
--- a/git.spec
+++ b/git.spec
@@ -84,7 +84,7 @@
Name: git
Version: 2.36.0
-Release: 0.2%{?rcrev}%{?dist}
+Release: 0.3%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
URL:
https://git-scm.com/
@@ -116,6 +116,11 @@ Source99: print-failed-test-output
#
https://bugzilla.redhat.com/490602
Patch0: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
+# Usability improvements on top of CVE-2022-24765
+Patch1: 0001-t0033-add-tests-for-safe.directory.patch
+Patch2: 0002-setup-fix-safe.directory-key-not-being-checked.patch
+Patch3: 0003-setup-opt-out-of-check-with-safe.directory.patch
+
%if %{with docs}
# pod2man is needed to build Git.3pm
BuildRequires: %{_bindir}/pod2man
@@ -1036,6 +1041,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
+* Thu Apr 14 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.3.rc2
+- usability improvements on top of CVE-2022-24765
+
* Wed Apr 13 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.2.rc2
- update to 2.36.0-rc2 (CVE-2022-24765)
- disable failing tests on s390x on EL8
commit f0106d7c9a6f80916f456831a4e985b08605d7fc
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Tue Apr 12 22:50:19 2022 -0400
disable failing tests on s390x on EL8
These tests fail on s390x, but only with EL8. They succeed on Fedora
and EL9. This suggests the issue is not with git. Skip them to avoid
blocking the Fedora releases which we care most about while still
allowing builds in COPR and elsewhere for all Fedora/EPEL releases.
diff --git a/git.spec b/git.spec
index 39cd06c..16a265a 100644
--- a/git.spec
+++ b/git.spec
@@ -841,6 +841,26 @@ GIT_SKIP_TESTS="$GIT_SKIP_TESTS t9115"
%endif
# endif %%{power64}
+%ifarch s390x && 0%{?rhel} == 8
+# Skip tests which fail on s390x on rhel-8
+#
+# The following tests fail on s390x & el8. The cause should be investigated.
+# However, it's a lower priority since the same tests work consistently on
+# s390x with Fedora and RHEL-9. The failures seem to originate in t5300.
+#
+# t5300.10 'unpack without delta'
+# t5300.12 'unpack with REF_DELTA'
+# t5300.14 'unpack with OFS_DELTA'
+# t5303.5 'create corruption in data of first object'
+# t5303.7 '... and loose copy of second object allows for partial recovery'
+# t5303.11 'create corruption in data of first delta'
+# t6300.35 'basic atom: head objectsize:disk'
+# t6300.91 'basic atom: tag objectsize:disk'
+# t6300.92 'basic atom: tag *objectsize:disk'
+GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.{10,12,14} t5303.{5,7,11}
t6300.{35,91,92}"
+%endif
+# endif s390x && rhel == 8
+
export GIT_SKIP_TESTS
# Set LANG so various UTF-8 tests are run
@@ -1018,6 +1038,7 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%changelog
* Wed Apr 13 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.2.rc2
- update to 2.36.0-rc2 (CVE-2022-24765)
+- disable failing tests on s390x on EL8
* Fri Apr 08 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.1.rc1
- update to 2.36.0-rc1
commit 4787e39b4029c1a9e195c61404dce160091e6652
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Tue Apr 12 21:02:44 2022 -0400
update to 2.36.0-rc2 (CVE-2022-24765)
Regarding CVE-2022-24765, the release announcement says:
On multi-user machines, Git users might find themselves
unexpectedly in a Git worktree, e.g. when another user created a
repository in `C:\.git`, in a mounted network drive or in a
scratch space. Merely having a Git-aware prompt that runs `git
status` (or `git diff`) and navigating to a directory which is
supposedly not a Git worktree, or opening such a directory in an
editor or IDE such as VS Code or Atom, will potentially run
commands defined by that other user.
The new `safe.directory` setting may be used in either the system or
global configuration to list directories which git should consider safe
even if they are owned by someone other than the current user.
Release notes:
https://github.com/git/git/raw/v2.36.0-rc2/Documentation/RelNotes/2.36.0.txt
diff --git a/git.spec b/git.spec
index 08dc543..39cd06c 100644
--- a/git.spec
+++ b/git.spec
@@ -77,14 +77,14 @@
%endif
# Define for release candidates
-%global rcrev .rc1
+%global rcrev .rc2
# Set path to the package-notes linker script
%global _package_note_file
%{_builddir}/%{name}-%{version}%{?rcrev}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
Name: git
Version: 2.36.0
-Release: 0.1%{?rcrev}%{?dist}
+Release: 0.2%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
URL:
https://git-scm.com/
@@ -1016,6 +1016,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
+* Wed Apr 13 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.2.rc2
+- update to 2.36.0-rc2 (CVE-2022-24765)
+
* Fri Apr 08 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.1.rc1
- update to 2.36.0-rc1
diff --git a/sources b/sources
index 0d98a58..134454c 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.36.0.rc1.tar.xz) =
48c17b4071128bc8d5e79545cbf835cd8bcca5d204fcd7e81a7207254ae3ff47a52edc2cbd132f27c575860cd53e354e6b5f277753b91d51ffd7e6313ee5e6f2
-SHA512 (git-2.36.0.rc1.tar.sign) =
c7de5cd63425cf4ae4f6e38805461296de737b637f0d0008ac6e6d260c3623d5c576cb97d04673aee21cd8bb1294c5e618c9a5f8ad3ffd2a43a936ada05d8ebd
+SHA512 (git-2.36.0.rc2.tar.xz) =
dfdd49fc7d25c6e2c4291afd5e9c234f4180226d9219cb6e70328dfdeb585a982a2f3b375ede578570825fff9f68ea126b3342512644906dc4333f9f953fe4a3
+SHA512 (git-2.36.0.rc2.tar.sign) =
8b7abfabd47f2be269717e6eb832bcdecf502efc11caa8533a3851e7fbd21e41644322d0784e73efc4dfd5bf4bc1b1094f8dedbd72758e7522b12d045507618c
commit d1736385d567d30b7931bc1e8a26112ad05a3aec
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Mon Apr 4 23:43:05 2022 -0400
update to 2.36.0-rc1
Release notes:
https://github.com/git/git/raw/v2.36.0-rc1/Documentation/RelNotes/2.36.0.txt
diff --git a/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
b/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
deleted file mode 100644
index 6982207..0000000
--- a/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From f3ea4bed2acb129db66c4c9a22dae71576d58066 Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Wed, 6 Apr 2022 14:41:22 -0400
-Subject: [PATCH] doc: replace "--" with {litdd} in credential-cache/fsmonitor
-
-Asciidoc renders `--` as em-dash. This is not appropriate for command
-names. It also breaks linkgit links to these commands.
-
-Fix git-credential-cache--daemon and git-fsmonitor--daemon. The latter
-was added 3248486920 (fsmonitor: document builtin fsmonitor, 2022-03-25)
-and included several links. A check for broken links in the HTML docs
-turned this up.
-
-Manually inspecting the other Documentation/git-*--*.txt files turned up
-the issue in git-credential-cache--daemon.
-
-While here, quote `git credential-cache--daemon` in the synopsis to
-match the vast majority of our other documentation.
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
-Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
----
- Documentation/config/core.txt | 2 +-
- Documentation/git-credential-cache--daemon.txt | 6 +++---
- Documentation/git-fsmonitor--daemon.txt | 12 ++++++------
- Documentation/git-update-index.txt | 2 +-
- 4 files changed, 11 insertions(+), 11 deletions(-)
-
-diff --git a/Documentation/config/core.txt b/Documentation/config/core.txt
-index 889522956e45bb..e67392cc838499 100644
---- a/Documentation/config/core.txt
-+++ b/Documentation/config/core.txt
-@@ -63,7 +63,7 @@ core.protectNTFS::
-
- core.fsmonitor::
- If set to true, enable the built-in file system monitor
-- daemon for this working directory (linkgit:git-fsmonitor--daemon[1]).
-+ daemon for this working directory (linkgit:git-fsmonitor{litdd}daemon[1]).
- +
- Like hook-based file system monitors, the built-in file system monitor
- can speed up Git commands that need to refresh the Git index
-diff --git a/Documentation/git-credential-cache--daemon.txt
b/Documentation/git-credential-cache--daemon.txt
-index 7051c6bdf8f542..01e1c214dd82e1 100644
---- a/Documentation/git-credential-cache--daemon.txt
-+++ b/Documentation/git-credential-cache--daemon.txt
-@@ -1,5 +1,5 @@
--git-credential-cache--daemon(1)
--===============================
-+git-credential-cache{litdd}daemon(1)
-+====================================
-
- NAME
- ----
-@@ -8,7 +8,7 @@ git-credential-cache--daemon - Temporarily store user credentials in
memory
- SYNOPSIS
- --------
- [verse]
--git credential-cache--daemon [--debug] <socket>
-+'git credential-cache{litdd}daemon' [--debug] <socket>
-
- DESCRIPTION
- -----------
-diff --git a/Documentation/git-fsmonitor--daemon.txt
b/Documentation/git-fsmonitor--daemon.txt
-index 0fedf5a4565f79..cc142fb8612c72 100644
---- a/Documentation/git-fsmonitor--daemon.txt
-+++ b/Documentation/git-fsmonitor--daemon.txt
-@@ -1,5 +1,5 @@
--git-fsmonitor--daemon(1)
--========================
-+git-fsmonitor{litdd}daemon(1)
-+=============================
-
- NAME
- ----
-@@ -8,10 +8,10 @@ git-fsmonitor--daemon - A Built-in File System Monitor
- SYNOPSIS
- --------
- [verse]
--'git fsmonitor--daemon' start
--'git fsmonitor--daemon' run
--'git fsmonitor--daemon' stop
--'git fsmonitor--daemon' status
-+'git fsmonitor{litdd}daemon' start
-+'git fsmonitor{litdd}daemon' run
-+'git fsmonitor{litdd}daemon' stop
-+'git fsmonitor{litdd}daemon' status
-
- DESCRIPTION
- -----------
-diff --git a/Documentation/git-update-index.txt b/Documentation/git-update-index.txt
-index 64315e2e8c2d3f..5ea2f2c60e45a3 100644
---- a/Documentation/git-update-index.txt
-+++ b/Documentation/git-update-index.txt
-@@ -528,7 +528,7 @@ This feature is intended to speed up git operations for repos that
have
- large working directories.
-
- It enables git to work together with a file system monitor (see
--linkgit:git-fsmonitor--daemon[1]
-+linkgit:git-fsmonitor{litdd}daemon[1]
- and the
- "fsmonitor-watchman" section of linkgit:githooks[5]) that can
- inform it as to what files have been modified. This enables git to avoid
diff --git a/git.spec b/git.spec
index 287ef90..08dc543 100644
--- a/git.spec
+++ b/git.spec
@@ -77,14 +77,14 @@
%endif
# Define for release candidates
-%global rcrev .rc0
+%global rcrev .rc1
# Set path to the package-notes linker script
%global _package_note_file
%{_builddir}/%{name}-%{version}%{?rcrev}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
Name: git
Version: 2.36.0
-Release: 0.0%{?rcrev}%{?dist}
+Release: 0.1%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
URL:
https://git-scm.com/
@@ -116,9 +116,6 @@ Source99: print-failed-test-output
#
https://bugzilla.redhat.com/490602
Patch0: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
-#
https://lore.kernel.org/git/20220406184122.4126898-1-tmz@pobox.com/
-Patch1:
https://github.com/git/git/commit/f3ea4bed2.patch#/0001-doc-replace-with-...
-
%if %{with docs}
# pod2man is needed to build Git.3pm
BuildRequires: %{_bindir}/pod2man
@@ -1019,6 +1016,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
+* Fri Apr 08 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.1.rc1
+- update to 2.36.0-rc1
+
* Tue Apr 05 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.0.rc0
- update to 2.36.0-rc0
- use httpd-core for tests on Fedora >= 37
diff --git a/sources b/sources
index 567d1db..0d98a58 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.36.0.rc0.tar.xz) =
7417784582f17e9579fbae984a175af814ff6bd9b28b48d0405b8c4342566a4e138df0f544ee7fbccf25419a50c3848fb9d0830feb9848a2f41cae2c969989c4
-SHA512 (git-2.36.0.rc0.tar.sign) =
f1c8217687c993a32a3b8b38cde242440e6c3de4093dffd68bd9d483f103d20701856254e9bc92c2945c75405dd2c67e4c66076c05b469bbf4b21b7752888358
+SHA512 (git-2.36.0.rc1.tar.xz) =
48c17b4071128bc8d5e79545cbf835cd8bcca5d204fcd7e81a7207254ae3ff47a52edc2cbd132f27c575860cd53e354e6b5f277753b91d51ffd7e6313ee5e6f2
+SHA512 (git-2.36.0.rc1.tar.sign) =
c7de5cd63425cf4ae4f6e38805461296de737b637f0d0008ac6e6d260c3623d5c576cb97d04673aee21cd8bb1294c5e618c9a5f8ad3ffd2a43a936ada05d8ebd
commit 25830241e697031e1debac8298151b00a013e835
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Fri Apr 8 13:42:17 2022 -0400
use httpd-core for tests on Fedora >= 37
The httpd package was slimmed down per rhbz#2070517. Use the new
httpd-core package for the test suite requirements on F37+.
While here, adjust a nearby '# endif' comment to match reality.
diff --git a/git.spec b/git.spec
index e105b6c..287ef90 100644
--- a/git.spec
+++ b/git.spec
@@ -189,7 +189,7 @@ BuildRequires: acl
# Needed by t5540-http-push-webdav.sh
BuildRequires: apr-util-bdb
%endif
-# endif fedora >= 27
+# endif fedora or rhel >= 8
BuildRequires: bash
%if %{with cvs}
BuildRequires: cvs
@@ -212,7 +212,12 @@ BuildRequires: gnupg2-smime
BuildRequires: highlight
%endif
# endif fedora or el7+ (ppc64le/x86_64)
+%if 0%{?fedora} >= 37
+BuildRequires: httpd-core
+%else
BuildRequires: httpd
+%endif
+# endif fedora >= 37
%if 0%{?fedora} && ! ( 0%{?fedora} >= 35 || "%{_arch}" ==
"i386" || "%{_arch}" == "s390x" )
BuildRequires: jgit
%endif
@@ -1016,6 +1021,7 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%changelog
* Tue Apr 05 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.0.rc0
- update to 2.36.0-rc0
+- use httpd-core for tests on Fedora >= 37
* Sat Jan 29 2022 Todd Zullinger <tmz(a)pobox.com> - 2.35.1-1
- update to 2.35.1
commit 0b5afcebda0b34f5fb5860355c6ceef770f3feb1
Author: Todd Zullinger <tmz(a)pobox.com>
Date: Mon Apr 4 23:43:05 2022 -0400
update to 2.36.0-rc0
The %_package_note_file definition added in 1dc07e7 (set path to linker
script in %_package_note_file, 2022-01-24) does not support release
candidates. Fix it.
Add 'fsmonitor--daemon is not supported on this platform' and 'missing
!REFFILES' to git.skip-test-patterns to match new test prerequisites
which are not relevant for our builds.
Adjust number of t5541 "push 2000 tags over http" test. It was shifted
from 35 to 36 by upstream c36c62859a (tests: use "test_hook" for misc
"mkdir -p" and "chmod" cases, 2022-03-17).
Replace `%__make test` with `%__make -C t all` to avoid re-compiling in
%check. This is an issue I have yet to fully diagnose. I suspect that
it is related to the nice work Ævar Arnfjörð Bjarmason has done upstream
to improve the efficiency and correctness of the build process. Work
around it for the moment.
Release notes:
https://github.com/git/git/raw/v2.36.0-rc0/Documentation/RelNotes/2.36.0.txt
diff --git a/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
b/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
new file mode 100644
index 0000000..6982207
--- /dev/null
+++ b/0001-doc-replace-with-litdd-in-credential-cache-fsmonitor.patch
@@ -0,0 +1,102 @@
+From f3ea4bed2acb129db66c4c9a22dae71576d58066 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz(a)pobox.com>
+Date: Wed, 6 Apr 2022 14:41:22 -0400
+Subject: [PATCH] doc: replace "--" with {litdd} in credential-cache/fsmonitor
+
+Asciidoc renders `--` as em-dash. This is not appropriate for command
+names. It also breaks linkgit links to these commands.
+
+Fix git-credential-cache--daemon and git-fsmonitor--daemon. The latter
+was added 3248486920 (fsmonitor: document builtin fsmonitor, 2022-03-25)
+and included several links. A check for broken links in the HTML docs
+turned this up.
+
+Manually inspecting the other Documentation/git-*--*.txt files turned up
+the issue in git-credential-cache--daemon.
+
+While here, quote `git credential-cache--daemon` in the synopsis to
+match the vast majority of our other documentation.
+
+Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
+Signed-off-by: Junio C Hamano <gitster(a)pobox.com>
+---
+ Documentation/config/core.txt | 2 +-
+ Documentation/git-credential-cache--daemon.txt | 6 +++---
+ Documentation/git-fsmonitor--daemon.txt | 12 ++++++------
+ Documentation/git-update-index.txt | 2 +-
+ 4 files changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/Documentation/config/core.txt b/Documentation/config/core.txt
+index 889522956e45bb..e67392cc838499 100644
+--- a/Documentation/config/core.txt
++++ b/Documentation/config/core.txt
+@@ -63,7 +63,7 @@ core.protectNTFS::
+
+ core.fsmonitor::
+ If set to true, enable the built-in file system monitor
+- daemon for this working directory (linkgit:git-fsmonitor--daemon[1]).
++ daemon for this working directory (linkgit:git-fsmonitor{litdd}daemon[1]).
+ +
+ Like hook-based file system monitors, the built-in file system monitor
+ can speed up Git commands that need to refresh the Git index
+diff --git a/Documentation/git-credential-cache--daemon.txt
b/Documentation/git-credential-cache--daemon.txt
+index 7051c6bdf8f542..01e1c214dd82e1 100644
+--- a/Documentation/git-credential-cache--daemon.txt
++++ b/Documentation/git-credential-cache--daemon.txt
+@@ -1,5 +1,5 @@
+-git-credential-cache--daemon(1)
+-===============================
++git-credential-cache{litdd}daemon(1)
++====================================
+
+ NAME
+ ----
+@@ -8,7 +8,7 @@ git-credential-cache--daemon - Temporarily store user credentials in
memory
+ SYNOPSIS
+ --------
+ [verse]
+-git credential-cache--daemon [--debug] <socket>
++'git credential-cache{litdd}daemon' [--debug] <socket>
+
+ DESCRIPTION
+ -----------
+diff --git a/Documentation/git-fsmonitor--daemon.txt
b/Documentation/git-fsmonitor--daemon.txt
+index 0fedf5a4565f79..cc142fb8612c72 100644
+--- a/Documentation/git-fsmonitor--daemon.txt
++++ b/Documentation/git-fsmonitor--daemon.txt
+@@ -1,5 +1,5 @@
+-git-fsmonitor--daemon(1)
+-========================
++git-fsmonitor{litdd}daemon(1)
++=============================
+
+ NAME
+ ----
+@@ -8,10 +8,10 @@ git-fsmonitor--daemon - A Built-in File System Monitor
+ SYNOPSIS
+ --------
+ [verse]
+-'git fsmonitor--daemon' start
+-'git fsmonitor--daemon' run
+-'git fsmonitor--daemon' stop
+-'git fsmonitor--daemon' status
++'git fsmonitor{litdd}daemon' start
++'git fsmonitor{litdd}daemon' run
++'git fsmonitor{litdd}daemon' stop
++'git fsmonitor{litdd}daemon' status
+
+ DESCRIPTION
+ -----------
+diff --git a/Documentation/git-update-index.txt b/Documentation/git-update-index.txt
+index 64315e2e8c2d3f..5ea2f2c60e45a3 100644
+--- a/Documentation/git-update-index.txt
++++ b/Documentation/git-update-index.txt
+@@ -528,7 +528,7 @@ This feature is intended to speed up git operations for repos that
have
+ large working directories.
+
+ It enables git to work together with a file system monitor (see
+-linkgit:git-fsmonitor--daemon[1]
++linkgit:git-fsmonitor{litdd}daemon[1]
+ and the
+ "fsmonitor-watchman" section of linkgit:githooks[5]) that can
+ inform it as to what files have been modified. This enables git to avoid
diff --git a/0001-t-lib-gpg-use-with-colons-when-parsing-gpgsm-output.patch
b/0001-t-lib-gpg-use-with-colons-when-parsing-gpgsm-output.patch
deleted file mode 100644
index 5c003a5..0000000
--- a/0001-t-lib-gpg-use-with-colons-when-parsing-gpgsm-output.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From e155951262e6dea419db8b9010342b08b487f96a Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Thu, 25 Nov 2021 05:05:08 -0500
-Subject: [PATCH] t/lib-gpg: use --with-colons when parsing gpgsm output
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The output of `gpgsm -K` changed in gnupg-2.3¹, breaking the parsing
-used by the GPGSM prereq.
-
-Use the `--with-colons` options for stable, machine-parseable output.
-This allows the grep/cut/tr pipeline (and the subsequent echo which
-appends ' S relax') to be replaced with a single call to awk to create
-the ${GNUPGHOME}/trustlist.txt file.
-
-¹
https://dev.gnupg.org/rGe7d70923901e is the change in 2.3, while
-
https://dev.gnupg.org/rG9c57de75cf36 is the similar change in 2.2.
-
- The latter says: Here in 2.2 we keep the string "fingerprint:" and no
- not change it to "sha1 fpr" as we did in master (2.3). (sic)
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
----
- t/lib-gpg.sh | 8 +++-----
- 1 file changed, 3 insertions(+), 5 deletions(-)
-
-diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
-index a3f285f515..cbbf74e725 100644
---- a/t/lib-gpg.sh
-+++ b/t/lib-gpg.sh
-@@ -72,12 +72,10 @@ test_lazy_prereq GPGSM '
- --passphrase-fd 0 --pinentry-mode loopback \
- --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
-
-- gpgsm --homedir "${GNUPGHOME}" -K |
-- grep fingerprint: |
-- cut -d" " -f4 |
-- tr -d "\\n" >"${GNUPGHOME}/trustlist.txt" &&
-+ gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
-+ awk -F ":" "/^fpr:/ {printf \"%s S relax\\n\", \$10}" \
-+ >"${GNUPGHOME}/trustlist.txt" &&
-
-- echo " S relax" >>"${GNUPGHOME}/trustlist.txt" &&
- echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
- -u committer(a)example.com -o /dev/null --sign -
- '
diff --git a/0002-t-lib-gpg-reload-gpg-components-after-updating-trust.patch
b/0002-t-lib-gpg-reload-gpg-components-after-updating-trust.patch
deleted file mode 100644
index 2c27b74..0000000
--- a/0002-t-lib-gpg-reload-gpg-components-after-updating-trust.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 93299b9b221da01d4055528f7c760d04ee83b82b Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Thu, 25 Nov 2021 08:07:32 -0500
-Subject: [PATCH] t/lib-gpg: reload gpg components after updating trustlist
-
-With gpgsm from gnupg-2.3, the changes to the trustlist.txt do not
-appear to be picked up without refreshing the gpg-agent. Use the 'all'
-keyword to reload all of the gpg components. The scdaemon is started as
-a child of gpg-agent, for example.
-
-We used to have a --kill at this spot, but I removed it in 2e285e7803
-(t/lib-gpg: drop redundant killing of gpg-agent, 2019-02-07). It seems
-like it might be necessary (again) for 2.3.
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
----
- t/lib-gpg.sh | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
-index cbbf74e725..d675698a2d 100644
---- a/t/lib-gpg.sh
-+++ b/t/lib-gpg.sh
-@@ -75,6 +75,7 @@ test_lazy_prereq GPGSM '
- gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
- awk -F ":" "/^fpr:/ {printf \"%s S relax\\n\", \$10}" \
- >"${GNUPGHOME}/trustlist.txt" &&
-+ (gpgconf --reload all || : ) &&
-
- echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
- -u committer(a)example.com -o /dev/null --sign -
diff --git a/0003-t-lib-gpg-kill-all-gpg-components-not-just-gpg-agent.patch
b/0003-t-lib-gpg-kill-all-gpg-components-not-just-gpg-agent.patch
deleted file mode 100644
index 2905564..0000000
--- a/0003-t-lib-gpg-kill-all-gpg-components-not-just-gpg-agent.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From da340dd76714474126f73f6b53087da0ffd4e8d8 Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Fri, 26 Nov 2021 21:11:54 -0500
-Subject: [PATCH] t/lib-gpg: kill all gpg components, not just gpg-agent
-
-The gpg-agent is one of several processes that newer releases of GnuPG
-start automatically. Issue a kill to each of them to ensure they do not
-affect separate tests. (Yes, the separate GNUPGHOME should do that
-already. If we find that is case, we could drop the --kill entirely.)
-
-In terms of compatibility, the 'all' keyword was added to the --kill &
---reload options in GnuPG 2.1.18. Debian and RHEL are often used as
-indicators of how a change might affect older systems we often try to
-support.
-
- - Debian Strech (old old stable), which has limited security support
- until June 2022, has GnuPG 2.1.18 (or 2.2.x in backports).
-
- - CentOS/RHEL 7, which is supported until June 2024, has GnuPG
- 2.0.22, which lacks the --kill option, so the change won't have
- any impact.
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
----
- t/lib-gpg.sh | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
-index d675698a2d..2bb309a8c1 100644
---- a/t/lib-gpg.sh
-+++ b/t/lib-gpg.sh
-@@ -40,7 +40,7 @@ test_lazy_prereq GPG '
- # > lib-gpg/ownertrust
- mkdir "$GNUPGHOME" &&
- chmod 0700 "$GNUPGHOME" &&
-- (gpgconf --kill gpg-agent || : ) &&
-+ (gpgconf --kill all || : ) &&
- gpg --homedir "${GNUPGHOME}" --import \
- "$TEST_DIRECTORY"/lib-gpg/keyring.gpg &&
- gpg --homedir "${GNUPGHOME}" --import-ownertrust \
diff --git a/0004-t4202-match-gpgsm-output-from-GnuPG-2.3.patch
b/0004-t4202-match-gpgsm-output-from-GnuPG-2.3.patch
deleted file mode 100644
index 005ace7..0000000
--- a/0004-t4202-match-gpgsm-output-from-GnuPG-2.3.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From d1efcac68414b80cc0fd7b7e3b4781f313d98697 Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Sat, 27 Nov 2021 05:31:13 -0500
-Subject: [PATCH] t4202: match gpgsm output from GnuPG 2.3
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-In GnuPG 2.3, the output from gpgsm when a certificate is not found
-differs from that of earlier versions. This appears to be a bug¹, but
-there are several releases in use now which have this output. Extend
-the grep pattern to catch it rather than failing the test.
-
-¹
https://lists.gnupg.org/pipermail/gnupg-devel/2021-November/034991.html
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
----
- t/t4202-log.sh | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/t/t4202-log.sh b/t/t4202-log.sh
-index 7884e3d46b..c69f9ac469 100755
---- a/t/t4202-log.sh
-+++ b/t/t4202-log.sh
-@@ -1851,7 +1851,7 @@ test_expect_success GPGSM 'log --graph --show-signature for
merged tag x509 miss
- git merge --no-ff -m msg signed_tag_x509_nokey &&
- GNUPGHOME=. git log --graph --show-signature -n1 plain-x509-nokey >actual
&&
- grep "^|\\\ merged tag" actual &&
-- grep "^| | gpgsm: certificate not found" actual
-+ grep -Ei "^| | gpgsm:( failed to find the)? certificate:? not found" actual
- '
-
- test_expect_success GPGSM 'log --graph --show-signature for merged tag x509 bad
signature' '
diff --git a/0005-gpg-interface-match-SIG_CREATED-if-it-s-the-first-li.patch
b/0005-gpg-interface-match-SIG_CREATED-if-it-s-the-first-li.patch
deleted file mode 100644
index 458af9d..0000000
--- a/0005-gpg-interface-match-SIG_CREATED-if-it-s-the-first-li.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From edb5eafc9945b2d400c2d777a9750cee06ab500f Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz(a)pobox.com>
-Date: Sat, 27 Nov 2021 02:55:47 -0500
-Subject: [PATCH] gpg-interface: match SIG_CREATED if it's the first line
-
-In `sign_buffer_gpg`, "\n[GNUPG:] SIG_CREATED " in the gpg status output
-is used to signal a successful signature. This fails if "SIG_CREATED"
-is the first line in the gpg output, as is the case with `gpgsm` in
-GnuPG 2.3.
-
-In earlier versions of GnuPG, there was a debug line in the `gpgsm`
-output which allowed the check in `sign_buffer_gpg` to work. This debug
-line was removed from GnuPG in a6d2f3133 (sm: Replace some debug message
-by log_error or log_info, 2020-04-21).
-
-The result is the `gpgsm --status-fd` output for a signing operation
-starts with "[GNUPG:] SIG_CREATED" and we mistakenly report "gpg failed
-to sign the data" to the user. The `gpg` command has other `[GNUPG:]`
-output for signing operations, so it is not affected by this issue.
-It's best not to rely on something as subtle and out of our control as
-the order if the gnupg status messages.
-
-This likely went unnoticed because the GPGSM test prereq was failing for
-a different reason with GnuPG 2.3. No tests failed, they were simply
-skipped due to the missing GPGSM prereq.
-
-Signed-off-by: Todd Zullinger <tmz(a)pobox.com>
----
- gpg-interface.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/gpg-interface.c b/gpg-interface.c
-index 3e7255a2a9..d179dfb3ab 100644
---- a/gpg-interface.c
-+++ b/gpg-interface.c
-@@ -859,6 +859,12 @@ static int sign_buffer_gpg(struct strbuf *buffer, struct strbuf
*signature,
-
- bottom = signature->len;
-
-+ /*
-+ * Ensure gpg_status begins with a newline or we'll fail to match if
-+ * the SIG_CREATED line is at the start of the gpg output.
-+ */
-+ strbuf_addch(&gpg_status, '\n');
-+
- /*
- * When the username signingkey is bad, program could be terminated
- * because gpg exits without reading and then write gets SIGPIPE.
diff --git a/git.skip-test-patterns b/git.skip-test-patterns
index bd44452..234d37a 100644
--- a/git.skip-test-patterns
+++ b/git.skip-test-patterns
@@ -1,5 +1,6 @@
expensive 2GB clone test; enable with GIT_TEST_CLONE_2GB=true
filesystem does not corrupt utf-8
+fsmonitor--daemon is not supported on this platform
GIT_SKIP_TESTS
missing AUTOIDENT
missing CASE_INSENSITIVE_FS
@@ -11,6 +12,7 @@ missing MINGW
missing NATIVE_CRLF
missing !PCRE
missing !PTHREADS
+missing !REFFILES
missing RFC1991
missing RUNTIME_PREFIX
missing SYMLINKS_WINDOWS
diff --git a/git.spec b/git.spec
index b8ea26b..e105b6c 100644
--- a/git.spec
+++ b/git.spec
@@ -76,15 +76,15 @@
%global _hardened_build 1
%endif
-# Set path to the package-notes linker script
-%global _package_note_file
%{_builddir}/%{name}-%{version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
-
# Define for release candidates
-#global rcrev .rc0
+%global rcrev .rc0
+
+# Set path to the package-notes linker script
+%global _package_note_file
%{_builddir}/%{name}-%{version}%{?rcrev}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
Name: git
-Version: 2.35.1
-Release: 1%{?rcrev}%{?dist}
+Version: 2.36.0
+Release: 0.0%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
URL:
https://git-scm.com/
@@ -116,12 +116,8 @@ Source99: print-failed-test-output
#
https://bugzilla.redhat.com/490602
Patch0: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
-# Fix a few tests and issues with gnupg-2.3
-Patch1: 0001-t-lib-gpg-use-with-colons-when-parsing-gpgsm-output.patch
-Patch2: 0002-t-lib-gpg-reload-gpg-components-after-updating-trust.patch
-Patch3: 0003-t-lib-gpg-kill-all-gpg-components-not-just-gpg-agent.patch
-Patch4: 0004-t4202-match-gpgsm-output-from-GnuPG-2.3.patch
-Patch5: 0005-gpg-interface-match-SIG_CREATED-if-it-s-the-first-li.patch
+#
https://lore.kernel.org/git/20220406184122.4126898-1-tmz@pobox.com/
+Patch1:
https://github.com/git/git/commit/f3ea4bed2.patch#/0001-doc-replace-with-...
%if %{with docs}
# pod2man is needed to build Git.3pm
@@ -826,9 +822,9 @@ GIT_SKIP_TESTS=""
#
# The following 2 tests use run_with_limited_cmdline, which calls ulimit -s 128
# to limit the maximum stack size.
-# t5541.35 'push 2000 tags over http'
+# t5541.36 'push 2000 tags over http'
# t5551.25 'clone the 2,000 tag repo to check OS command line overflow'
-GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5541.35 t5551.25"
+GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5541.36 t5551.25"
%endif
# endif aarch64 %%{arm} %%{power64}
@@ -866,7 +862,7 @@ sed -i "s@\(GIT_TEST_OPTS='.*\)'(a)\1
--root=$testdir'@" GIT-BUILD-OPTIONS
touch -r ts GIT-BUILD-OPTIONS
# Run the tests
-%__make test || ./print-failed-test-output
+%__make -C t all || ./print-failed-test-output
# Run contrib/credential/netrc tests
mkdir -p contrib/credential
@@ -1018,6 +1014,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
+* Tue Apr 05 2022 Todd Zullinger <tmz(a)pobox.com> - 2.36.0-0.0.rc0
+- update to 2.36.0-rc0
+
* Sat Jan 29 2022 Todd Zullinger <tmz(a)pobox.com> - 2.35.1-1
- update to 2.35.1
diff --git a/sources b/sources
index 4095968..567d1db 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.35.1.tar.xz) =
926c6813ef61931e1a1c43dfd7b15e20dc5878c1752876bd08f039249c9ed09f20f096b2f01947de9c9522c942e9fa8c1363d7d31a488bbe3f93c0cff31fcbcb
-SHA512 (git-2.35.1.tar.sign) =
27adbb0628a18ae13ce76c2812c2f2a8a9da002105ca1f550a864ae769a27efa697ab7cbd8582e69be99d8731fe2f53895321c3a71990ffbcfe1e7f2064fd9b7
+SHA512 (git-2.36.0.rc0.tar.xz) =
7417784582f17e9579fbae984a175af814ff6bd9b28b48d0405b8c4342566a4e138df0f544ee7fbccf25419a50c3848fb9d0830feb9848a2f41cae2c969989c4
+SHA512 (git-2.36.0.rc0.tar.sign) =
f1c8217687c993a32a3b8b38cde242440e6c3de4093dffd68bd9d483f103d20701856254e9bc92c2945c75405dd2c67e4c66076c05b469bbf4b21b7752888358