| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-7.0:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I73d5233916d021096381b4c8116312134761dfad
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* stable-6.10:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I81ef0aef1dd65ec614385f12953122da2ee9d459
|
| | | |\
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* stable-6.9:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: Id42981e23f88ffcfb565a9d3418e6a8899bad0bc
|
| | | | |\
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* stable-6.8:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I52b27f68a05dc07f8a181b680a62409fbb31f25e
|
| | | | | |\
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* stable-6.7:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I38958568f0eee70394d03292d5dab881d585cef4
|
| | | | | | |\
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* stable-6.6:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I7fd139f513cc2c0b19814ac15881e80ce0438782
|
| | | | | | | |\
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* stable-6.5:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I12e9aa0e8a597e5976b555146265aceabcb18335
|
| | | | | | | | |\
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Remove jetty source bundles from p2 repo since they aren't available for
jetty 10.0.13.
* stable-6.4:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I4e9262d883d31bbc9392b2140f9071a3093d56af
|
| | | | | | | | | |\
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
* stable-6.3:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I448bad5c8333607ef5f39ceda70f004ee8a9ba31
|
| | | | | | | | | | |\
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
* stable-6.2:
MergeToolTest: update expected error from the tool
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I23df8552b799ed5bd4c8472d3775372d78a573ea
|
| | | | | | | | | | | |\
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
* stable-6.1:
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: I7a0c22f2288c2201af04d60f9ed59730341a31d5
|
| | | | | | | | | | | | |\
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
* stable-6.0:
Add dash license check for 3rd party dependencies
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: Ie3343cb83babb30ffc802967f491182c8c84d61d
|
| | | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Change-Id: I552bd4e5a43871d4772d2d4fba7232f5dbb101ec
|
| | | | | | | | | | | | | |\
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-5.13:
Prepare 5.13.5-SNAPSHOT builds
JGit v5.13.4.202507202350-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
AdvertisedRequestValidator: fix WantNotValidException caused by race
Prepare 5.13.4-SNAPSHOT builds
Fix packaging build
Change-Id: Ib29309f853bcd3825058128d62c90f2739f30590
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Change-Id: Iafe52ac049219f3da3888811135e5729d053aa1a
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: Ib49e2cf19633d986d14ef059f92499fdb5c98086
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This follows OWASP recommendations in
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
Change-Id: I3d47debf14d95c8189d51256b4eb2ba991279452
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
These open the door for XXE attacks [1] and manifest do not need them.
[1] https://en.wikipedia.org/wiki/XML_external_entity_attack
Change-Id: Ia79971e1c34afaf287584ae4a7f71baebcb48b6a
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Fetch with protocol V2 failed under the following conditions
- fetch uses bidirectional protocol (git, ssh) which uses a shortcut
to determine invalid wants
- not all wants are advertised
- race condition: wanted ref is updated during fetch by another thread
after the thread serving upload-pack determined wants and before it
checks not advertised wants
Fix this by calling
`new ReachableCommitRequestValidator().checkWants(up, wants)`
instead of throwing WantNotValidException in [1]
if this race happened in the same way like it's done for unidirectional
protocols (http) [2].
[1] https://github.com/eclipse-jgit/jgit/blob/stable-6.10/org.eclipse.jgit/src/org/eclipse/jgit/transport/UploadPack.java#L2002
[2] https://github.com/eclipse-jgit/jgit/blob/stable-6.10/org.eclipse.jgit/src/org/eclipse/jgit/transport/UploadPack.java#L2000
Bug: jgit-48
Change-Id: I32f28502923815dc49781aab5d810c9afbe7e7e6
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Change-Id: I0fe9792b7ac883f355d2dbfa5cac97b7b26648ae
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
- use target platform 4.21
- remove all older target platforms
- update tycho to 4.0.13, hence maven needs to be run using Java 17
- enforce build is run using Java 17 or higher
- remove pack200 plugins
Change-Id: I50a52c22f4665b6323ee6d29da18e39960d008af
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This test fails in jenkins becuase the error string is slightly
different. It seems to come from an external tool (git mergetool?)
that maybe changed that output (?).
At the moment update the error string to match the output of the
tool. Parsing error messages is bound to be flaky.
Change-Id: I81e9bf65088b893af3a0d8e53d57052583fc2262
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
Fix: Close the "preserved" PackDirectory
Change-Id: Icd3f79322f8c021e18fd5c881cd9f2a406230fa8
|
| | |\| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-6.10:
Fix: Close the "preserved" PackDirectory
Change-Id: Ie0ecfd8178ef4e2eef6a29d46be5645648fe88f3
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This has been missing since the feature was first added in commit
6167641834e28f8ad322f8fde60866b339bfb7fe.
It's possible we could be more aggressive and close soon after
attempting to get an object from the preserved packs, but for concurrent
misses that might cause thrashing. More likely it would be safe to
attempt closing after successfully restoring a preserved pack. A follow
up change should attempt that.
Change-Id: I87d61007bcc3d03fc86bd18465ca66a2e6f697a1
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
Use the same ordering/locking in delete() as C git
Change-Id: I2c38321ee410d9ec60481d56315710beaebd393a
|
| | |\| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-6.10:
Use the same ordering/locking in delete() as C git
Change-Id: I0d06e39d06315e0b9e770bdf79164779d98f9f50
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Following the examples of cgit, lock packed-refs *before* checking for
existance of refs in it [1] and *keep the lock* until the loose ref (if
any) is removed [2]. The packed-refs lock is kept even when no
packed-refs update is required [3] so that somebody else doesn't pack a
reference that we are trying to delete.
This fixes a concurrency issue that happens on projects with a
substantial amount of refs(>~500k) where packing takes long enough for a
ref deletion to be triggered half way through it. Not locking the
packed-refs file before checking if the refs exists is not safe, as it
opens up situations where loose refs are repacked in memory and locked
on disk, but before the lock is released and packed-refs is flushed to
disk, a ref is deleted.
As packed-refs was NOT locked while checking wether a ref existed in it,
the current content on disk was read, which was about to be overwritten
and did not contain the ref about to be deleted. As the delete doesn't
see the ref in the current, on-disk, version of packed refs, it skips
processing altogether and moves on, correctly, deleting only the
associated loose ref and leaving the packed one behind.
Once the new packed-refs, containing the ref that was just deleted, was
commited to disk, the ref would come back to life.
Therefore, the packed-refs needs to be locked before checking if it
contains a ref or not in the same way the C implementation of Git does
at [1].
There are tradeoffs, though, in this decision, which will reduce the
parallelism of deleting loose refs and performing the refs repacking,
which happens very often in certain JGit implementations like Gerrit
Code Review. Before this change, repacking of refs and removal of loose
refs unrelated to the in-flight repacking was possible without involving
any locking; after this change, all loose refs removals have to wait for
the packing of refs to be completed, even though the repacking and the
refs removals were completely unrelated and their namespaces disjoint.
See more details on the test's performance results and the associated
tradeoffs in the Issue jgit-152.
NOTE: This delete ref locking logic was incorrect regardless of how the
packing of the refs is implemented. Making decisions if the pack
transaction is needed or not on an unlocked resource is racy and also
flagged as bug at [1].
[1]https://github.com/git/git/blob/master/refs/packed-backend.c#L1590
[2]https://github.com/git/git/blob/master/refs/files-backend.c#L3261
[3]https://github.com/git/git/blob/master/refs/files-backend.c#L2943
Bug: jgit-152
Change-Id: I158ec837904617c5fdf667e295ae667b2f037945
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Change-Id: If1e74998a5d6495dafecd2e29b37dbf9018f99e6
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: Ie69fa5fb5497f8bbb66c68b03eb161fb61bcddf1
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
Prepare 7.0.2-SNAPSHOT builds
JGit v7.0.1.202505221510-r
Prepare 6.10.2-SNAPSHOT builds
JGit v6.10.1.202505221210-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
Change-Id: I4506e4bf51225000418b15bf09df3287be26242a
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Change-Id: I80b330e687e96385176f00757dbf4491ce662dbc
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: Id31e58be65f27c8f475f810b83491652be1266df
|
| | |\| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-6.10:
Prepare 6.10.2-SNAPSHOT builds
JGit v6.10.1.202505221210-r
AmazonS3: Do not accept DOCTYPE and entities
ManifestParser: Do not accept DOCTYPE and entities
Change-Id: I699d57974d9ef2428355c59194c6becbc16828b7
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Change-Id: Id893557b6929718f8528ce50b0f7bdb23057aa15
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: I60dd6d671f605c7cfaed747cc0fc1772115e5f37
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
This follows OWASP recommendations in
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
Change-Id: I3d47debf14d95c8189d51256b4eb2ba991279452
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
These open the door for XXE attacks [1] and manifest do not need them.
[1] https://en.wikipedia.org/wiki/XML_external_entity_attack
Change-Id: Ia79971e1c34afaf287584ae4a7f71baebcb48b6a
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
Do not load bitmap indexes during directory scans
Fix calculation of pack files and objects since bitmap
Pack: no longer set invalid in openFail()
Change-Id: I480a52909a7f3ee771947c0fd447433e10a9b19b
|
| | |\| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-6.10:
Do not load bitmap indexes during directory scans
Fix calculation of pack files and objects since bitmap
Pack: no longer set invalid in openFail()
Change-Id: I8846ad4745a360244f81518a028fed5f07086724
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Previously, if a bitmap index had not been loaded yet, it would get
loaded during a directory scan. Loading a bitmap file can be expensive
and there is no immediate need to do so during a scan. Fix this by
simply setting bitmap index file names on the Packs during directory
scans so that bitmaps can be lazily loaded at some later point if they
are needed.
This change has the side affect of no longer marking a Pack valid if it
is currently invalid simply because a bitmap file has been found, as
there is no valid reason to do so and this can incorrectly mark a Pack
without an index, or with other issues valid. Since the initial lack of
a bitmap file, or an invalid one, or the deletion of one, would not
result in the Pack being marked invalid, there is no need to overturn
the invalid flag when a new bitmap file is found.
Change-Id: I056acc09e7ae6a0982acd81b552d524190ebb4be
Signed-off-by: Martin Fick <mfick@nvidia.com>
|
| | | |\ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
The intention of the 'invalidate' argument in openFail() is to
invalidate the Pack in certain situations. However, after moving
doOpen() to a lock instead of using synchronized, the invalidation
approach could also incorrectly mark an already invalid Pack valid,
which was never the intention since previously invalid would only ever
get set to false if it already was false. Fix this by never setting
invalid in openFail(), instead set invalid explicitly before calling
openFail when needed. This makes the intent clearer, and aligns better
with all the existing comments already trying to explain the boolean
(and some of them become obvious enough now that the comment is deleted
or shortened). This is also likely faster than adding a conditional in
openFail() to make 'invalidate' work properly.
Change-Id: Ie6182103ee2994724cb5cb0b64030fedba84b637
Signed-off-by: Martin Fick <mfick@nvidia.com>
|
| | | |/ / / / / / / / / / / /
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Fix a logic issue where pack files and objects created since the most
recent bitmap were incorrectly counted, ignoring their modification
time.
Since pack files are processed in order from most recent to oldest, we
can reliably stop counting as soon as we encounter the first bitmap. By
definition, all subsequent pack files are older and should not be
included in the count.
This ensures accurate repository statistics and prevents overcounting.
Bug: jgit-140
Change-Id: I99d85fb70bc7eb42a8d24c74a1fdb8e03334099e
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
RevWalk: Add an isMergedIntoAnyCommit() method
Pack: separate an open/close accounting lock
http.server/BUILD: expose servlet resources as target
Change-Id: I25d3ffe86150d4d9e8a54634145cdbee34ea15fb
|
| | |\| | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-6.10:
RevWalk: Add an isMergedIntoAnyCommit() method
Pack: separate an open/close accounting lock
http.server/BUILD: expose servlet resources as target
Change-Id: Icda1b3dbc79c47d5dcc45932fe452fcf66e35657
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
RevWalk had a bulk isMergedIntoAny() method, however it worked only for
Refs. Add a similar method which works for RevCommits instead.
Unfortunately isMergedIntoAny() cannot be overloaded since java does not
include the generic types in Collections of method signatures, so the
method name needs to be more complicated to differentiate it from the
existing method.
Change-Id: I4f8f3a83058a186fafe3b37726e21c5074a6b8e1
Signed-off-by: Martin Fick <mfick@nvidia.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Previously the open/close accounting code used whole Pack object
synchronization for locking. Unfortunately, there are other unrelated
methods which use whole Pack object synchronization also, mostly to
avoid concurrent loading of these independent indices, and they do not
touch or need to coordinate with the open/close accounting data. During
heavy load when a new file appears after repacking the readFully()
threads could uselessly block on threads reading the reverse index.
These threads could have been reading from the Pack file instead of
waiting for the reverse index to be read. Use a new lock to make this
locking more fine grained to prevent the readFully() calling threads
from getting blocked in beginWindowCache() while the reverse index or
bitmaps are being loaded.
Change-Id: I7ac9067ca10cd6d6be0ab25148d99da3ace7ba36
Signed-off-by: Martin Fick <mfick@nvidia.com>
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
JGit has moved to jakarta servlet-api, but gerrit is still in the
javax version. This is blocking gerrit to update their jgit
code. Gerrit can workaround this rebuilding the jar of jgit-servlet
but it is complicated to pass-through the resources.
Expose the resources of the servlet as a target, to help gerrit build
a javax version of the jgit-servlet.
Change-Id: Ifd794e4222ad442f4a538a4d38caa73d58be0f6d
(cherry picked from commit 31db36bbea6d081c8714a4c7ed3f5d81112ae8b8)
|
| |\| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
* stable-7.0:
WindowCache: share removal work among multiple threads
Update target platform version in maven build to 4.32 (2024-06)
Change-Id: Idd6a8a2c3b5c6f53645dbe7144afb2e1e24e8ca3
|
