"""
* CVE-2022-24765:
On multi-user machines, Git users might find themselves
unexpectedly in a Git worktree, e.g. when another user created a
repository in `C:\.git`, in a mounted network drive or in a
scratch space. Merely having a Git-aware prompt that runs `git
status` (or `git diff`) and navigating to a directory which is
supposedly not a Git worktree, or opening such a directory in an
editor or IDE such as VS Code or Atom, will potentially run
commands defined by that other user.
"""
Disabling the build/run dependency (--with-python=no) also disables it for
tests, i.e. the configure check is saved and the test suite does not
recheck for python.
Since we won't add a dependency on python, the module is of no use any
longer and we'll let the tests needing it just skip as before.
The 2.33.0 update removing the multimail hook obsoleted lang/python usage;
a few tests probe for python but fail detection and get skipped gracefully.
No PLIST/signature change, so no REVISION bump.
`make test' in WRKSRC calls the right target in the t/ subdir and passing
HOME is not required anymore (if so, just add it to TEST_ENV instead).
git's test can run in parallel but our do-test both ignored -j/MAKE_JOBS
and didn't make use of git's parallel features.
Now `make MAKE_JOBS=4 test' will run them in parallel without any other
changes; output is interleaved but that is expected. Use git's prove(1)
based test run to get cleaner and shorter output:
`make MAKE_JOBS=4 GIT_TEST_TARGET=prove'.
Testing updates and local patches is now easier and faster.
See ${WRKSRC}/t/README for details.
Backward incompatible and other important changes
* The "pack-redundant" command, which has been left stale with almost
unusable performance issues, now warns loudly when it gets used, as
we no longer want to recommend its use (instead just "repack -d"
instead).
* The development community has adopted Contributor Covenant v2.0 to
update from v1.4 that we have been using.
* The support for deprecated PCRE1 library has been dropped.
* Fixes for CVE-2021-21300 in Git 2.30.2 (and earlier) is included.
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.31.0.txt
OK benoit
if a port needs 2.x then set MODPY_VERSION=${MODPY_DEFAULT_VERSION_2}.
This commit doesn't change any versions currently used; it may be that
some ports have MODPY_DEFAULT_VERSION_2 but don't require it, those
should be cleaned up in the course of updating ports where possible.
Python module ports providing py3-* packages should still use
FLAVOR=python3 so that we don't have a mixture of dependencies some
using ${MODPY_FLAVOR} and others not.
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.29.0.txt
Among other changes:
* "git maintenance", a "git gc"'s big brother, has been introduced to
take care of more repository maintenance tasks, not limited to the
object database cleaning.
* The final leg of SHA-256 transition plus doc updates. Note that
there is no interoperability between SHA-1 and SHA-256
repositories yet.
Make shells(5) list it and enable "chsh -s git-shell user";
"chsh -s /usr/local/bin/git-shell user" already works but is more typing
and inconsistent with other shells.
version mismatch error reported by Laurie Tratt). While there, fix-up the
path to wish in git-gui--askpass, and move a Tcl file that crept into
-main over to -x11. ok kn@
"These releases fix various security flaws, which allowed an attacker
to overwrite arbitrary paths, remotely execute code, and/or overwrite
files in the .git/ directory etc. See the release notes attached for
the list for their descriptions and CVE identifiers."
https://lwn.net/ml/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
