github GitoxideLabs/gitoxide gix-v0.82.0
gix v0.82.0 - hardened

20 hours ago

Advisories with fixes

Bug Fixes

  • Correctly use $COMMON_DIR/info/exclude to make excludes work in worktrees.
    It turns out there is no per-worktree excludes file either.

  • do not open .gitmodule files through symlinks
    This could lead to places outside of the repository that are attacker-controlled.

  • don't follow submodule names with relative paths in them
    This made it possible to trick submodule repos to be opened outside of the
    actual repository.

  • Restore Category::to_full_name() to be able to produce any full name.
    Previously it learned to reject certain invalid branch names, but this has to
    be done separately and led to some unpleasant changes in gix as well.

  • reject refs/heads/HEAD as branch name during repo initialisation
    Also document that refs/heads/HEAD is allowed if FullName was created
    directly.

  • Tree::peel_to_entry() peel to the final tree entry (and only if it's a tree)

  • deduplicate entry-finding logic
    The logic for finding entries is duplicated 3 times.

    Use std::ops::ControlFlow for simpler, callback-friendly code.

  • std::path::Component has infallible conversion to &[u8]
    Instead of relying on a fallible path and using a default value,
    we can convert directly between a Component and a &[u8].
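
The two submodule fixes above belong to one class of check: refuse names that can climb out of the repository, and refuse a .gitmodules entry that is itself a symlink. The following is an added illustration, not gitoxide's code; `check_submodule_name`, `read_gitmodules` and `BadName` are hypothetical names, and the sample inputs are constructed.

```rust
use std::fs;
use std::io;
use std::path::Path;

/// Why a submodule name was refused before it was joined onto any path.
#[derive(Debug, PartialEq)]
pub enum BadName {
    Empty,
    Absolute,
    ParentComponent,
}

/// Accept a name only if `<git-dir>/modules/<name>` cannot leave `modules/`.
/// Both `/` and `\` count as separators, whatever the host platform is.
pub fn check_submodule_name(name: &str) -> Result<(), BadName> {
    let is_sep = |c: char| c == '/' || c == '\\';
    let b = name.as_bytes();
    if name.is_empty() {
        return Err(BadName::Empty);
    }
    // Leading separator, or a drive prefix such as `C:` (refused conservatively).
    if name.starts_with(is_sep) || (b.len() >= 2 && b[0].is_ascii_alphabetic() && b[1] == b':') {
        return Err(BadName::Absolute);
    }
    if name.split(is_sep).any(|part| part == "..") {
        return Err(BadName::ParentComponent);
    }
    Ok(())
}

/// Read `<worktree>/.gitmodules`, refusing it when the entry itself is a symlink.
/// `symlink_metadata` inspects the link rather than its target. The check and the
/// read are two steps, so this assumes the worktree is not modified concurrently.
pub fn read_gitmodules(worktree: &Path) -> io::Result<String> {
    let path = worktree.join(".gitmodules");
    if fs::symlink_metadata(&path)?.file_type().is_symlink() {
        return Err(io::Error::new(io::ErrorKind::InvalidInput, ".gitmodules is a symlink"));
    }
    fs::read_to_string(&path)
}

fn main() {
    // Constructed sample names, not taken from any advisory.
    for name in &["libs/json", "../../outside", "a\\..\\b", "/abs", "dots..ok"] {
        println!("{:?} -> {:?}", name, check_submodule_name(name));
    }
    println!("{:?}", read_gitmodules(Path::new(".")).map(|s| s.len()));
}
```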

Chore (BREAKING)

  • Upgrade prodash and crosstermion to the latest version.
    This will fix the cargo deny issue as it brings in a newer lru crate.

New Features (BREAKING)

  • enforce the specification of alloc_init_bytes to handle untrusted input
    This breaking change is intended to force a decision about how
    much memory allocation an untrusted party can command by tampering
    with binary file formats.
  • Use imara-diff-v2 with git sliders processing
    The slider post-processing improves the diff quality for about 8% slower diffs.
    Line-counts, however, will be 50% faster to compute.

Other

  • remove confusing map()

New Features

  • automatically limit allocation size on untrusted repositories.
    This can be controlled via gitoxide.objects.allocLimitIfReducedTrust.
  • read GIX_ALLOC_BYTES and pass them to gix-odb for reading untrusted input
  • add sha256 to gix
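
The allocation-limit entries here and under New Features (BREAKING) concern sizes that a file format declares about itself. As an added illustration (not gitoxide's code), the sketch below checks the size in a decompressed loose-object header, `<kind> <size>\0`, against a caller-supplied limit before any buffer is reserved; `parse_header`, `body_buffer`, `HeaderError` and the `alloc_limit` parameter are hypothetical names, and the inputs are constructed.

```rust
use std::str;

/// Why a loose-object header from an untrusted repository was refused.
#[derive(Debug, PartialEq)]
pub enum HeaderError {
    Malformed,
    OverLimit { declared: usize, limit: usize },
}

/// Parse the `<kind> <size>\0` header at the start of decompressed loose-object
/// data and return `(kind, size, header_len)`. The declared size is compared with
/// `alloc_limit` before anything is allocated for the body.
pub fn parse_header(data: &[u8], alloc_limit: Option<usize>) -> Result<(&str, usize, usize), HeaderError> {
    // "commit " plus 20 decimal digits is 27 bytes, so the NUL must be within 32.
    let nul = data.iter().take(32).position(|&b| b == 0).ok_or(HeaderError::Malformed)?;
    let header = str::from_utf8(&data[..nul]).map_err(|_| HeaderError::Malformed)?;
    let (kind, size) = header.split_once(' ').ok_or(HeaderError::Malformed)?;
    if !matches!(kind, "blob" | "tree" | "commit" | "tag") {
        return Err(HeaderError::Malformed);
    }
    // Digits only: `str::parse` would otherwise accept a leading '+'.
    if size.is_empty() || !size.bytes().all(|b| b.is_ascii_digit()) {
        return Err(HeaderError::Malformed);
    }
    // A value that overflows usize is reported as malformed.
    let size: usize = size.parse().map_err(|_| HeaderError::Malformed)?;
    if let Some(limit) = alloc_limit {
        if size > limit {
            return Err(HeaderError::OverLimit { declared: size, limit });
        }
    }
    Ok((kind, size, nul + 1))
}

/// Reserve the body buffer only after the header passed the limit check.
pub fn body_buffer(data: &[u8], alloc_limit: Option<usize>) -> Result<Vec<u8>, HeaderError> {
    let (_, size, _) = parse_header(data, alloc_limit)?;
    Ok(Vec::with_capacity(size))
}

fn main() {
    // Constructed inputs: an honest header and one declaring about 2 GB.
    let limit = Some(1 << 20);
    println!("{:?}", parse_header(b"blob 5\0hello", limit));
    println!("{:?}", parse_header(b"blob 2000000000\0", limit));
    println!("{:?}", body_buffer(b"blob 2000000000\0", limit).map(|v| v.capacity()));
}
```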

Documentation

  • add crate-root doctests

Commit Statistics

  • 50 commits contributed to the release over the course of 32 calendar days.
  • 32 days passed between releases.
  • 14 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Update changelogs prior to release (f9fbcba)
    • Merge pull request #2530 from GitoxideLabs/advisories (63b8419)
    • Add fuzz tests for 10 more crates, and related fixes (0396152)
    • Do not open .gitmodule files through symlinks (52485a9)
    • Don't follow submodule names with relative paths in them (d2e193f)
    • Automatically limit allocation size on untrusted repositories. (95b0399)
    • Enforce the specification of alloc_init_bytes to handle untrusted input (91d0c26)
    • More alloc_limit tests to validate limit for loose objects as well. (9473d32)
    • Pass alloc_limit_bytes to gix-index (054494f)
    • Read GIX_ALLOC_BYTES and pass them to gix-odb for reading untrusted input (acffd6b)
    • Add reproductions for all known advisories (392336f)
    • Merge pull request #2497 from cruessler/pass-hash-len-to-tree-ref-iter (7d50c30)
    • Review (d9b358b)
    • Adapt to changes in gix-object (6df1d55)
    • Merge pull request #2523 from GitoxideLabs/improvements (6f47e98)
    • Adapt to changes in gix-traverse (a1bd845)
    • Merge pull request #2513 from GitoxideLabs/v2-diff (2a5db88)
    • Thanks clippy (e4f380e)
    • Use imara-diff-v2 with git sliders processing (8094f5d)
    • Merge pull request #2518 from GitoxideLabs/improvements (444a92b)
    • Make package.include patterns more specific so they don't match ignored files (c2c917f)
    • Merge pull request #2507 from GitoxideLabs/improvements (e51c40b)
    • Restore Category::to_full_name() to be able to produce any full name. (5b229c6)
    • Merge pull request #2505 from GitoxideLabs/improvements (420c5df)
    • Address auto-review (6a5a0ec)
    • Reject refs/heads/HEAD as branch name during repo initialisation (1adc44c)
    • Merge pull request #2492 from datdenkikniet/peel_to_entry (a298901)
    • Refactor (3542230)
    • Remove confusing map() (8a2b474)
    • Merge pull request #2494 from GitoxideLabs/improvements (50fb46f)
    • Adapt to changes in gix-config. (344218a)
    • Merge pull request #2493 from GitoxideLabs/improvements (af1ad55)
    • Adapt to changes in gix-config (7bda16a)
    • Merge pull request #2489 from GitoxideLabs/fix-entry-by-path (ec66ceb)
    • Address auto-review (6b45cfa)
    • Tree::peel_to_entry() peel to the final tree entry (and only if it's a tree) (7f77169)
    • Merge pull request #2487 from GitoxideLabs/top-level-examples (29c275e)
    • Add crate-root doctests (b1102c2)
    • Merge pull request #2459 from datdenkikniet/unify-traversal (de3f064)
    • Refactor (fc09ed2)
    • Deduplicate entry-finding logic (b37fef1)
    • Merge pull request #2485 from GitoxideLabs/fintohaps/fix-ls-refs-prefixing (700ad9e)
    • Fail on missing explicit refs after exact ls-refs (df41a64)
    • Merge pull request #2448 from cruessler/add-sha-256-to-gix-refspec (9a78ae2)
    • Alter documentation of feature flags (3cf53e2)
    • Add sha256 to gix (dce21dd)
    • Merge pull request #2480 from GitoxideLabs/report (98bae84)
    • Merge branch 'main' into report (7eb98cb)
    • Merge pull request #2458 from datdenkikniet/direct-u8 (2ce6dde)
    • std::path::Component has infallible conversion to &[u8] (0e173d6)
