* mh/maint-lockfile-overflow:
  lockfile: fix buffer overflow in path handling

Avoid failing "git diff" when core.safecrlf is set to true, because
the user cannot tell where the breakage is in preparation for fixing
and committing.

* jc/maint-diff-core-safecrlf:
  diff: demote core.safecrlf=true to core.safecrlf=warn

This test confirms that a file can be ignored during git p4 sync if if is
excluded in P4 client specification.
Signed-off-by: NVitor Antunes <vitor.hda@gmail.com>
Acked-by: NPete Wyckoff <pw@padd.com>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

Hopefully this will be the final maintenance release before we go to
feature freeze for 1.8.4.

The variable len is set to

    len = strchrnul(line, '\n') - line;

unconditionally 9 lines later, hence we can remove the call to strlen.
Signed-off-by: NStefan Beller <stefanbeller@googlemail.com>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

That pointer will be assigned to new memory via

    request = xmalloc(sizeof(*request));

20 lines later unconditionally anyway, so it's safe to not assign it
to an arbitrary variable.
Signed-off-by: NStefan Beller <stefanbeller@googlemail.com>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

* tr/test-lint-no-export-assignment-in-shell:
  test-lint: detect 'export FOO=bar'
  t9902: fix 'test A == B' to use = operator

* rr/name-rev-stdin-doc:
  name-rev doc: rewrite --stdin paragraph

* ft/diff-rename-default-score-is-half:
  diff-options: document default similarity index

* jc/t1512-fix:
  get_short_sha1(): correctly disambiguate type-limited abbreviation
  t1512: correct leftover constants from earlier edition

* vl/typofix:
  random typofixes (committed missing a 't', successful missing an 's')

* wk/doc-git-has-grown:
  user-manual: Update download size for Git and the kernel

* ys/cygstart:
  web--browse: support /usr/bin/cygstart on Cygwin

* mm/push-force-is-dangerous:
  Documentation/git-push.txt: explain better cases where --force is dangerous

* rs/logical-vs-binary-or:
  use logical OR (||) instead of binary OR (|) in logical context

* js/test-ln-s-add:
  t4011: remove SYMLINKS prerequisite
  t6035: use test_ln_s_add to remove SYMLINKS prerequisite
  t3509, t4023, t4114: use test_ln_s_add to remove SYMLINKS prerequisite
  t3100: use test_ln_s_add to remove SYMLINKS prerequisite
  t3030: use test_ln_s_add to remove SYMLINKS prerequisite
  t0000: use test_ln_s_add to remove SYMLINKS prerequisite
  tests: use test_ln_s_add to remove SYMLINKS prerequisite (trivial cases)
  tests: introduce test_ln_s_add
  t3010: modernize style
  test-chmtime: Fix exit code on Windows

Allow our tests to run with newer Apache.

* jk/apache-test-for-2.4:
  lib-httpd/apache.conf: check version only after mod_version loads
  t/lib-httpd/apache.conf: configure an MPM module for apache 2.4
  t/lib-httpd/apache.conf: load compat access module in apache 2.4
  t/lib-httpd/apache.conf: load extra auth modules in apache 2.4
  t/lib-httpd/apache.conf: do not use LockFile in apache >= 2.4

* tr/test-commit-only-on-orphan:
  Test 'commit --only' after 'checkout --orphan'

* sb/archive-zip-double-assignment-fix:
  archive-zip:write_zip_entry: Remove second reset of size variable to zero.

The bisect log listed incorrect commits when bisection ends with
only skipped ones.

* th/bisect-skip-report-range-fix:
  bisect: Fix log output for multi-parent skip ranges

* rs/tar-tests:
  t5000: test long filenames
  t5000: simplify tar-tree tests
  t5000: use check_tar for prefix test
  t5000: factor out check_tar
  t5000, t5003: create directories for extracted files lazily
  t5000: integrate export-subst tests into regular tests

* rr/column-doc:
  column doc: rewrite documentation for column.ui

* rs/discard-index-discard-array:
  read-cache: free cache in discard_index
  read-cache: add simple performance test

The test coverage framework was left broken for some time.

* tr/coverage:
  coverage: build coverage-untested-functions by default
  coverage: set DEFAULT_TEST_TARGET to avoid using prove
  coverage: do not delete .gcno files before building
  coverage: split build target into compile and test

Reported-By: NIbrahim M. Ghazal <imgx64@gmail.com>
Signed-off-by: NStefan Beller <stefanbeller@googlemail.com>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

Signed-off-by: NJunio C Hamano <gitster@pobox.com>

"git apply" parsed patches that add new files, generated by programs
other than Git, incorrectly.  This is an old breakage in v1.7.11.

* tr/maint-apply-non-git-patch-parsefix:
  apply: carefully strdup a possibly-NULL name

Older cURL wanted piece of memory we call it with to be stable, but
we updated the auth material after handing it to a call.

* bc/http-keep-memory-given-to-curl:
  http.c: don't rewrite the user:passwd string multiple times

"git pull" into nothing trashed "local changes" that were in the
index.

* jk/pull-into-dirty-unborn:
  pull: merge into unborn by fast-forwarding from empty tree
  pull: update unborn branch tip after index

Many "git submodule" operations did not work on a submodule at a
path whose name is not in ASCII.

* fg/submodule-non-ascii-path:
  t7400: test of UTF-8 submodule names pass under Mac OS
  handle multibyte characters in name

"cherry-pick" had a small leak in its error codepath.

* fc/sequencer-plug-leak:
  sequencer: avoid leaking message buffer when refusing to create an empty commit
  sequencer: remove useless indentation

Logic used by git-send-email to suppress cc mishandled names like "A
U. Thor" <author@example.xz>, where the human readable part needs to
be quoted (the user input may not have the double quotes around the
name, and comparison was done between quoted and unquoted strings).
It also mishandled names that need RFC2047 quoting.

* mt/send-email-cc-match-fix:
  send-email: sanitize author when writing From line
  send-email: add test for duplicate utf8 name
  test-send-email: test for pre-sanitized self name
  t/send-email: test suppress-cc=self with non-ascii
  t/send-email: add test with quoted sender
  send-email: make --suppress-cc=self sanitize input
  t/send-email: test suppress-cc=self on cccmd
  send-email: fix suppress-cc=self on cccmd
  t/send-email.sh: add test for suppress-cc=self

Some shells do not understand the one-line construct, and instead need

  FOO=bar &&
  export FOO

Detect this in the test-lint target.
Signed-off-by: NThomas Rast <trast@inf.ethz.ch>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

The == operator as an alias to = is not POSIX.  This doesn't actually
matter for the execution of the script, because it only runs when the
shell is bash.  However, it trips up test-lint, so it's nicer to use
the standard form.
Signed-off-by: NThomas Rast <trast@inf.ethz.ch>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

Signed-off-by: NRamkumar Ramachandra <artagnon@gmail.com>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

The path of the file to be locked is held in lock_file::filename,
which is a fixed-length buffer of length PATH_MAX.  This buffer is
also (temporarily) used to hold the path of the lock file, which is
the path of the file being locked plus ".lock".  Because of this, the
path of the file being locked must be less than (PATH_MAX - 5)
characters long (5 chars are needed for ".lock" and one character for
the NUL terminator).

On entry into lock_file(), the path length was only verified to be
less than PATH_MAX characters, not less than (PATH_MAX - 5)
characters.

When and if resolve_symlink() is called, then that function is
correctly told to treat the buffer as (PATH_MAX - 5) characters long.
This part is correct.  However:

* If LOCK_NODEREF was specified, then resolve_symlink() is never
  called.

* If resolve_symlink() is called but the path is not a symlink, then
  the length check is never applied.

So it is possible for a path with length (PATH_MAX - 5 <= len <
PATH_MAX) to make it through the checks.  When ".lock" is strcat()ted
to such a path, the lock_file::filename buffer is overflowed.

Fix the problem by adding a check when entering lock_file() that the
original path is less than (PATH_MAX - 5) characters.

[jc: with independent development by Peff]
Signed-off-by: NMichael Haggerty <mhagger@alum.mit.edu>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

The default similarity index of 50% is documented in gitdiffcore(7)
but it is worth also mentioning it in the description of the
-M/--find-renames option.
Signed-off-by: NFraser Tweedale <frase@frase.id.au>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

This script was added in 36e5e70e (Start deprecating "git-command" in
favor of "git command", 2007-06-30) with the intent of aiding the
transition away from dashed forms.

It has already been used to help the transision and served its
purpose, and is no longer very useful for follow-up work, because
the majority of remaining matches it finds are false positives.
Signed-off-by: NRamkumar Ramachandra <artagnon@gmail.com>
Reviewed-by: NJeff King <peff@peff.net>
Signed-off-by: NJunio C Hamano <gitster@pobox.com>

Signed-off-by: NJunio C Hamano <gitster@pobox.com>

* rr/diffcore-pickaxe-doc:
  diffcore-pickaxe doc: document -S and -G properly
  diffcore-pickaxe: make error messages more consistent