difftool: fix use-after-free
[git/git.git] / Documentation / RelNotes / 2.11.0.txt
1 Git 2.11 Release Notes
2 ======================
4 Backward compatibility notes.
6 * An empty string used as a pathspec element has always meant
7 'everything matches', but it is too easy to write a script that
8 finds a path to remove in $path and run 'git rm "$paht"' by
9 mistake (when the user meant to give "$path"), which ends up
10 removing everything. This release starts warning about the
11 use of an empty string that is used for 'everything matches' and
12 asks users to use a more explicit '.' for that instead.
14 The hope is that existing users will not mind this change, and
15 eventually the warning can be turned into a hard error, upgrading
16 the deprecation into removal of this (mis)feature.
18 * The historical argument order "git merge <msg> HEAD <commit>..."
19 has been deprecated for quite some time, and will be removed in the
20 next release (not this one).
22 * The default abbreviation length, which has historically been 7, now
23 scales as the repository grows, using the approximate number of
24 objects in the repository and a bit of math around the birthday
25 paradox. The logic suggests to use 12 hexdigits for the Linux
26 kernel, and 9 to 10 for Git itself.
29 Updates since v2.10
30 -------------------
32 UI, Workflows & Features
34 * Comes with new version of git-gui, now at its 0.21.0 tag.
36 * "git format-patch --cover-letter HEAD^" to format a single patch
37 with a separate cover letter now numbers the output as [PATCH 0/1]
38 and [PATCH 1/1] by default.
40 * An incoming "git push" that attempts to push too many bytes can now
41 be rejected by setting a new configuration variable at the receiving
42 end.
44 * "git nosuchcommand --help" said "No manual entry for gitnosuchcommand",
45 which was not intuitive, given that "git nosuchcommand" said "git:
46 'nosuchcommand' is not a git command".
48 * "git clone --recurse-submodules --reference $path $URL" is a way to
49 reduce network transfer cost by borrowing objects in an existing
50 $path repository when cloning the superproject from $URL; it
51 learned to also peek into $path for presence of corresponding
52 repositories of submodules and borrow objects from there when able.
54 * The "git diff --submodule={short,log}" mechanism has been enhanced
55 to allow "--submodule=diff" to show the patch between the submodule
56 commits bound to the superproject.
58 * Even though "git hash-objects", which is a tool to take an
59 on-filesystem data stream and put it into the Git object store,
60 allowed to perform the "outside-world-to-Git" conversions (e.g.
61 end-of-line conversions and application of the clean-filter), and
62 it had the feature on by default from very early days, its reverse
63 operation "git cat-file", which takes an object from the Git object
64 store and externalize for the consumption by the outside world,
65 lacked an equivalent mechanism to run the "Git-to-outside-world"
66 conversion. The command learned the "--filters" option to do so.
68 * Output from "git diff" can be made easier to read by selecting
69 which lines are common and which lines are added/deleted
70 intelligently when the lines before and after the changed section
71 are the same. A command line option is added to help with the
72 experiment to find a good heuristics.
74 * In some projects, it is common to use "[RFC PATCH]" as the subject
75 prefix for a patch meant for discussion rather than application. A
76 new option "--rfc" is a short-hand for "--subject-prefix=RFC PATCH"
77 to help the participants of such projects.
79 * "git add --chmod=+x <pathspec>" added recently only toggled the
80 executable bit for paths that are either new or modified. This has
81 been corrected to flip the executable bit for all paths that match
82 the given pathspec.
84 * When "git format-patch --stdout" output is placed as an in-body
85 header and it uses the RFC2822 header folding, "git am" failed to
86 put the header line back into a single logical line. The
87 underlying "git mailinfo" was taught to handle this properly.
89 * "gitweb" can spawn "highlight" to show blob contents with
90 (programming) language-specific syntax highlighting, but only
91 when the language is known. "highlight" can however be told
92 to make the guess itself by giving it "--force" option, which
93 has been enabled.
95 * "git gui" l10n to Portuguese.
97 * When given an abbreviated object name that is not (or more
98 realistically, "no longer") unique, we gave a fatal error
99 "ambiguous argument". This error is now accompanied by a hint that
100 lists the objects beginning with the given prefix. During the
101 course of development of this new feature, numerous minor bugs were
102 uncovered and corrected, the most notable one of which is that we
103 gave "short SHA1 xxxx is ambiguous." twice without good reason.
105 * "git log rev^..rev" is an often-used revision range specification
106 to show what was done on a side branch merged at rev. This has
107 gained a short-hand "rev^-1". In general "rev^-$n" is the same as
108 "^rev^$n rev", i.e. what has happened on other branches while the
109 history leading to nth parent was looking the other way.
111 * In recent versions of cURL, GSSAPI credential delegation is
112 disabled by default due to CVE-2011-2192; introduce a configuration
113 to selectively allow enabling this.
114 (merge 26a7b23429 ps/http-gssapi-cred-delegation later to maint).
116 * "git mergetool" learned to honor "-O<orderfile>" to control the
117 order of paths to present to the end user.
119 * "git diff/log --ws-error-highlight=<kind>" lacked the corresponding
120 configuration variable to set it by default.
122 * "git ls-files" learned "--recurse-submodules" option that can be
123 used to get a listing of tracked files across submodules (i.e. this
124 only works with "--cached" option, not for listing untracked or
125 ignored files). This would be a useful tool to sit on the upstream
126 side of a pipe that is read with xargs to work on all working tree
127 files from the top-level superproject.
129 * A new credential helper that talks via "libsecret" with
130 implementations of XDG Secret Service API has been added to
131 contrib/credential/.
133 * The GPG verification status shown in "%G?" pretty format specifier
134 was not rich enough to differentiate a signature made by an expired
135 key, a signature made by a revoked key, etc. New output letters
136 have been assigned to express them.
138 * In addition to purely abbreviated commit object names, "gitweb"
139 learned to turn "git describe" output (e.g. v2.9.3-599-g2376d31787)
140 into clickable links in its output.
142 * When new paths were added by "git add -N" to the index, it was
143 enough to circumvent the check by "git commit" to refrain from
144 making an empty commit without "--allow-empty". The same logic
145 prevented "git status" to show such a path as "new file" in the
146 "Changes not staged for commit" section.
148 * The smudge/clean filter API expect an external process is spawned
149 to filter the contents for each path that has a filter defined. A
150 new type of "process" filter API has been added to allow the first
151 request to run the filter for a path to spawn a single process, and
152 all filtering need is served by this single process for multiple
153 paths, reducing the process creation overhead.
155 * The user always has to say "stash@{$N}" when naming a single
156 element in the default location of the stash, i.e. reflogs in
157 refs/stash. The "git stash" command learned to accept "git stash
158 apply 4" as a short-hand for "git stash apply stash@{4}".
161 Performance, Internal Implementation, Development Support etc.
163 * The delta-base-cache mechanism has been a key to the performance in
164 a repository with a tightly packed packfile, but it did not scale
165 well even with a larger value of core.deltaBaseCacheLimit.
167 * Enhance "git status --porcelain" output by collecting more data on
168 the state of the index and the working tree files, which may
169 further be used to teach git-prompt (in contrib/) to make fewer
170 calls to git.
172 * Extract a small helper out of the function that reads the authors
173 script file "git am" internally uses.
174 (merge a77598e jc/am-read-author-file later to maint).
176 * Lifts calls to exit(2) and die() higher in the callchain in
177 sequencer.c files so that more helper functions in it can be used
178 by callers that want to handle error conditions themselves.
180 * "git am" has been taught to make an internal call to "git apply"'s
181 innards without spawning the latter as a separate process.
183 * The ref-store abstraction was introduced to the refs API so that we
184 can plug in different backends to store references.
186 * The "unsigned char sha1[20]" to "struct object_id" conversion
187 continues. Notable changes in this round includes that ce->sha1,
188 i.e. the object name recorded in the cache_entry, turns into an
189 object_id.
191 * JGit can show a fake ref "capabilities^{}" to "git fetch" when it
192 does not advertise any refs, but "git fetch" was not prepared to
193 see such an advertisement. When the other side disconnects without
194 giving any ref advertisement, we used to say "there may not be a
195 repository at that URL", but we may have seen other advertisement
196 like "shallow" and ".have" in which case we definitely know that a
197 repository is there. The code to detect this case has also been
198 updated.
200 * Some codepaths in "git pack-objects" were not ready to use an
201 existing pack bitmap; now they are and as the result they have
202 become faster.
204 * The codepath in "git fsck" to detect malformed tree objects has
205 been updated not to die but keep going after detecting them.
207 * We call "qsort(array, nelem, sizeof(array[0]), fn)", and most of
208 the time third parameter is redundant. A new QSORT() macro lets us
209 omit it.
211 * "git pack-objects" in a repository with many packfiles used to
212 spend a lot of time looking for/at objects in them; the accesses to
213 the packfiles are now optimized by checking the most-recently-used
214 packfile first.
215 (merge c9af708b1a jk/pack-objects-optim-mru later to maint).
217 * Codepaths involved in interacting alternate object store have
218 been cleaned up.
220 * In order for the receiving end of "git push" to inspect the
221 received history and decide to reject the push, the objects sent
222 from the sending end need to be made available to the hook and
223 the mechanism for the connectivity check, and this was done
224 traditionally by storing the objects in the receiving repository
225 and letting "git gc" to expire it. Instead, store the newly
226 received objects in a temporary area, and make them available by
227 reusing the alternate object store mechanism to them only while we
228 decide if we accept the check, and once we decide, either migrate
229 them to the repository or purge them immediately.
231 * The require_clean_work_tree() helper was recreated in C when "git
232 pull" was rewritten from shell; the helper is now made available to
233 other callers in preparation for upcoming "rebase -i" work.
235 * "git upload-pack" had its code cleaned-up and performance improved
236 by reducing use of timestamp-ordered commit-list, which was
237 replaced with a priority queue.
239 * "git diff --no-index" codepath has been updated not to try to peek
240 into .git/ directory that happens to be under the current
241 directory, when we know we are operating outside any repository.
243 * Update of the sequencer codebase to make it reusable to reimplement
244 "rebase -i" continues.
246 * Git generally does not explicitly close file descriptors that were
247 open in the parent process when spawning a child process, but most
248 of the time the child does not want to access them. As Windows does
249 not allow removing or renaming a file that has a file descriptor
250 open, a slow-to-exit child can even break the parent process by
251 holding onto them. Use O_CLOEXEC flag to open files in various
252 codepaths.
254 * Update "interpret-trailers" machinery and teaches it that people in
255 real world write all sorts of crufts in the "trailer" that was
256 originally designed to have the neat-o "Mail-Header: like thing"
257 and nothing else.
260 Also contains various documentation updates and code clean-ups.
263 Fixes since v2.10
264 -----------------
266 Unless otherwise noted, all the fixes since v2.9 in the maintenance
267 track are contained in this release (see the maintenance releases'
268 notes for details).
270 * Clarify various ways to specify the "revision ranges" in the
271 documentation.
273 * "diff-highlight" script (in contrib/) learned to work better with
274 "git log -p --graph" output.
276 * The test framework left the number of tests and success/failure
277 count in the t/test-results directory, keyed by the name of the
278 test script plus the process ID. The latter however turned out not
279 to serve any useful purpose. The process ID part of the filename
280 has been removed.
282 * Having a submodule whose ".git" repository is somehow corrupt
283 caused a few commands that recurse into submodules loop forever.
285 * "git symbolic-ref -d HEAD" happily removes the symbolic ref, but
286 the resulting repository becomes an invalid one. Teach the command
287 to forbid removal of HEAD.
289 * A test spawned a short-lived background process, which sometimes
290 prevented the test directory from getting removed at the end of the
291 script on some platforms.
293 * Update a few tests that used to use GIT_CURL_VERBOSE to use the
294 newer GIT_TRACE_CURL.
296 * "git pack-objects --include-tag" was taught that when we know that
297 we are sending an object C, we want a tag B that directly points at
298 C but also a tag A that points at the tag B. We used to miss the
299 intermediate tag B in some cases.
301 * Update Japanese translation for "git-gui".
303 * "git fetch http::/site/path" did not die correctly and segfaulted
304 instead.
306 * "git commit-tree" stopped reading commit.gpgsign configuration
307 variable that was meant for Porcelain "git commit" in Git 2.9; we
308 forgot to update "git gui" to look at the configuration to match
309 this change.
311 * "git add --chmod=+x" added recently lacked documentation, which has
312 been corrected.
314 * "git log --cherry-pick" used to include merge commits as candidates
315 to be matched up with other commits, resulting a lot of wasted time.
316 The patch-id generation logic has been updated to ignore merges to
317 avoid the wastage.
319 * The http transport (with curl-multi option, which is the default
320 these days) failed to remove curl-easy handle from a curlm session,
321 which led to unnecessary API failures.
323 * There were numerous corner cases in which the configuration files
324 are read and used or not read at all depending on the directory a
325 Git command was run, leading to inconsistent behaviour. The code
326 to set-up repository access at the beginning of a Git process has
327 been updated to fix them.
328 (merge 4d0efa1 jk/setup-sequence-update later to maint).
330 * "git diff -W" output needs to extend the context backward to
331 include the header line of the current function and also forward to
332 include the body of the entire current function up to the header
333 line of the next one. This process may have to merge two adjacent
334 hunks, but the code forgot to do so in some cases.
336 * Performance tests done via "t/perf" did not use the same set of
337 build configuration if the user relied on autoconf generated
338 configuration.
340 * "git format-patch --base=..." feature that was recently added
341 showed the base commit information after "-- " e-mail signature
342 line, which turned out to be inconvenient. The base information
343 has been moved above the signature line.
345 * More i18n.
347 * Even when "git pull --rebase=preserve" (and the underlying "git
348 rebase --preserve") can complete without creating any new commit
349 (i.e. fast-forwards), it still insisted on having a usable ident
350 information (read: user.email is set correctly), which was less
351 than nice. As the underlying commands used inside "git rebase"
352 would fail with a more meaningful error message and advice text
353 when the bogus ident matters, this extra check was removed.
355 * "git gc --aggressive" used to limit the delta-chain length to 250,
356 which is way too deep for gaining additional space savings and is
357 detrimental for runtime performance. The limit has been reduced to
358 50.
360 * Documentation for individual configuration variables to control use
361 of color (like `color.grep`) said that their default value is
362 'false', instead of saying their default is taken from `color.ui`.
363 When we updated the default value for color.ui from 'false' to
364 'auto' quite a while ago, all of them broke. This has been
365 corrected.
367 * The pretty-format specifier "%C(auto)" used by the "log" family of
368 commands to enable coloring of the output is taught to also issue a
369 color-reset sequence to the output.
371 * A shell script example in check-ref-format documentation has been
372 fixed.
374 * "git checkout <word>" does not follow the usual disambiguation
375 rules when the <word> can be both a rev and a path, to allow
376 checking out a branch 'foo' in a project that happens to have a
377 file 'foo' in the working tree without having to disambiguate.
378 This was poorly documented and the check was incorrect when the
379 command was run from a subdirectory.
381 * Some codepaths in "git diff" used regexec(3) on a buffer that was
382 mmap(2)ed, which may not have a terminating NUL, leading to a read
383 beyond the end of the mapped region. This was fixed by introducing
384 a regexec_buf() helper that takes a <ptr,len> pair with REG_STARTEND
385 extension.
387 * The procedure to build Git on Mac OS X for Travis CI hardcoded the
388 internal directory structure we assumed HomeBrew uses, which was a
389 no-no. The procedure has been updated to ask HomeBrew things we
390 need to know to fix this.
392 * When "git rebase -i" is given a broken instruction, it told the
393 user to fix it with "--edit-todo", but didn't say what the step
394 after that was (i.e. "--continue").
396 * Documentation around tools to import from CVS was fairly outdated.
398 * "git clone --recurse-submodules" lost the progress eye-candy in
399 recent update, which has been corrected.
401 * A low-level function verify_packfile() was meant to show errors
402 that were detected without dying itself, but under some conditions
403 it didn't and died instead, which has been fixed.
405 * When "git fetch" tries to find where the history of the repository
406 it runs in has diverged from what the other side has, it has a
407 mechanism to avoid digging too deep into irrelevant side branches.
408 This however did not work well over the "smart-http" transport due
409 to a design bug, which has been fixed.
411 * In the codepath that comes up with the hostname to be used in an
412 e-mail when the user didn't tell us, we looked at ai_canonname
413 field in struct addrinfo without making sure it is not NULL first.
415 * "git worktree", even though it used the default_abbrev setting that
416 ought to be affected by core.abbrev configuration variable, ignored
417 the variable setting. The command has been taught to read the
418 default set of configuration variables to correct this.
420 * "git init" tried to record core.worktree in the repository's
421 'config' file when GIT_WORK_TREE environment variable was set and
422 it was different from where GIT_DIR appears as ".git" at its top,
423 but the logic was faulty when .git is a "gitdir:" file that points
424 at the real place, causing trouble in working trees that are
425 managed by "git worktree". This has been corrected.
427 * Codepaths that read from an on-disk loose object were too loose in
428 validating what they are reading is a proper object file and
429 sometimes read past the data they read from the disk, which has
430 been corrected. H/t to Gustavo Grieco for reporting.
432 * The original command line syntax for "git merge", which was "git
433 merge <msg> HEAD <parent>...", has been deprecated for quite some
434 time, and "git gui" was the last in-tree user of the syntax. This
435 is finally fixed, so that we can move forward with the deprecation.
437 * An author name, that spelled a backslash-quoted double quote in the
438 human readable part "My \"double quoted\" name", was not unquoted
439 correctly while applying a patch from a piece of e-mail.
441 * Doc update to clarify what "log -3 --reverse" does.
443 * Almost everybody uses DEFAULT_ABBREV to refer to the default
444 setting for the abbreviation, but "git blame" peeked into
445 underlying variable bypassing the macro for no good reason.
447 * The "graph" API used in "git log --graph" miscounted the number of
448 output columns consumed so far when drawing a padding line, which
449 has been fixed; this did not affect any existing code as nobody
450 tried to write anything after the padding on such a line, though.
452 * The code that parses the format parameter of for-each-ref command
453 has seen a micro-optimization.
455 * When we started cURL to talk to imap server when a new enough
456 version of cURL library is available, we forgot to explicitly add
457 imap(s):// before the destination. To some folks, that didn't work
458 and the library tried to make HTTP(s) requests instead.
460 * The ./configure script generated from configure.ac was taught how
461 to detect support of SSL by libcurl better.
463 * The command-line completion script (in contrib/) learned to
464 complete "git cmd ^mas<HT>" to complete the negative end of
465 reference to "git cmd ^master".
466 (merge 49416ad22a cp/completion-negative-refs later to maint).
468 * The existing "git fetch --depth=<n>" option was hard to use
469 correctly when making the history of an existing shallow clone
470 deeper. A new option, "--deepen=<n>", has been added to make this
471 easier to use. "git clone" also learned "--shallow-since=<date>"
472 and "--shallow-exclude=<tag>" options to make it easier to specify
473 "I am interested only in the recent N months worth of history" and
474 "Give me only the history since that version".
475 (merge cccf74e2da nd/shallow-deepen later to maint).
477 * It is a common mistake to say "git blame --reverse OLD path",
478 expecting that the command line is dwimmed as if asking how lines
479 in path in an old revision OLD have survived up to the current
480 commit.
481 (merge e1d09701a4 jc/blame-reverse later to maint).
483 * http.emptyauth configuration is a way to allow an empty username to
484 pass when attempting to authenticate using mechanisms like
485 Kerberos. We took an unspecified (NULL) username and sent ":"
486 (i.e. no username, no password) to CURLOPT_USERPWD, but did not do
487 the same when the username is explicitly set to an empty string.
489 * "git clone" of a local repository can be done at the filesystem
490 level, but the codepath did not check errors while copying and
491 adjusting the file that lists alternate object stores.
493 * Documentation for "git commit" was updated to clarify that "commit
494 -p <paths>" adds to the current contents of the index to come up
495 with what to commit.
497 * A stray symbolic link in $GIT_DIR/refs/ directory could make name
498 resolution loop forever, which has been corrected.
500 * The "submodule.<name>.path" stored in .gitmodules is never copied
501 to .git/config and such a key in .git/config has no meaning, but
502 the documentation described it and submodule.<name>.url next to
503 each other as if both belong to .git/config. This has been fixed.
505 * In a worktree connected to a repository elsewhere, created via "git
506 worktree", "git checkout" attempts to protect users from confusion
507 by refusing to check out a branch that is already checked out in
508 another worktree. However, this also prevented checking out a
509 branch, which is designated as the primary branch of a bare
510 reopsitory, in a worktree that is connected to the bare
511 repository. The check has been corrected to allow it.
513 * "git rebase" immediately after "git clone" failed to find the fork
514 point from the upstream.
516 * When fetching from a remote that has many tags that are irrelevant
517 to branches we are following, we used to waste way too many cycles
518 when checking if the object pointed at by a tag (that we are not
519 going to fetch!) exists in our repository too carefully.
521 * Protect our code from over-eager compilers.
523 * Recent git allows submodule.<name>.branch to use a special token
524 "." instead of the branch name; the documentation has been updated
525 to describe it.
527 * A hot-fix for a test added by a recent topic that went to both
528 'master' and 'maint' already.
530 * "git send-email" attempts to pick up valid e-mails from the
531 trailers, but people in real world write non-addresses there, like
532 "Cc: Stable <add@re.ss> # 4.8+", which broke the output depending
533 on the availability and vintage of Mail::Address perl module.
534 (merge dcfafc5214 mm/send-email-cc-cruft-after-address later to maint).
536 * The Travis CI configuration we ship ran the tests with --verbose
537 option but this risks non-TAP output that happens to be "ok" to be
538 misinterpreted as TAP signalling a test that passed. This resulted
539 in unnecessary failure. This has been corrected by introducing a
540 new mode to run our tests in the test harness to send the verbose
541 output separately to the log file.
543 * Some AsciiDoc formatter mishandles a displayed illustration with
544 tabs in it. Adjust a few of them in merge-base documentation to
545 work around them.
547 * A minor regression fix for "git submodule" that was introduced
548 when more helper functions were reimplemented in C.
549 (merge 77b63ac31e sb/submodule-ignore-trailing-slash later to maint).
551 * The code that we have used for the past 10+ years to cycle
552 4-element ring buffers turns out to be not quite portable in
553 theoretical world.
554 (merge bb84735c80 rs/ring-buffer-wraparound later to maint).
556 * "git daemon" used fixed-length buffers to turn URL to the
557 repository the client asked for into the server side directory
558 path, using snprintf() to avoid overflowing these buffers, but
559 allowed possibly truncated paths to the directory. This has been
560 tightened to reject such a request that causes overlong path to be
561 required to serve.
562 (merge 6bdb0083be jk/daemon-path-ok-check-truncation later to maint).
564 * Recent update to git-sh-setup (a library of shell functions that
565 are used by our in-tree scripted Porcelain commands) included
566 another shell library git-sh-i18n without specifying where it is,
567 relying on the $PATH. This has been fixed to be more explicit by
568 prefixing $(git --exec-path) output in front.
569 (merge 1073094f30 ak/sh-setup-dot-source-i18n-fix later to maint).
571 * Fix for a racy false-positive test failure.
572 (merge fdf4f6c79b as/merge-attr-sleep later to maint).
574 * Portability update and workaround for builds on recent Mac OS X.
575 (merge a296bc0132 ls/macos-update later to maint).
577 * Using a %(HEAD) placeholder in "for-each-ref --format=" option
578 caused the command to segfault when on an unborn branch.
579 (merge 84679d470d jc/for-each-ref-head-segfault-fix later to maint).
581 * "git rebase -i" did not work well with core.commentchar
582 configuration variable for two reasons, both of which have been
583 fixed.
584 (merge 882cd23777 js/rebase-i-commentchar-fix later to maint).
586 * Other minor doc, test and build updates and code cleanups.
587 (merge 5c238e29a8 jk/common-main later to maint).
588 (merge 5a5749e45b ak/pre-receive-hook-template-modefix later to maint).
589 (merge 6d834ac8f1 jk/rebase-config-insn-fmt-docfix later to maint).
590 (merge de9f7fa3b0 rs/commit-pptr-simplify later to maint).
591 (merge 4259d693fc sc/fmt-merge-msg-doc-markup-fix later to maint).
592 (merge 28fab7b23d nd/test-helpers later to maint).
593 (merge c2bb0c1d1e rs/cocci later to maint).
594 (merge 3285b7badb ps/common-info-doc later to maint).
595 (merge 2b090822e8 nd/worktree-lock later to maint).
596 (merge 4bd488ea7c jk/create-branch-remove-unused-param later to maint).
597 (merge 974e0044d6 tk/diffcore-delta-remove-unused later to maint).