Skip to main content
AgeCommit message (Collapse)AuthorFilesLines
2017-03-21Add remaining parts of the bazel buildDavid Ostrovsky12-2/+504
Add bazel build for ui and junit.http, and the test packages. A number of different test labels are supported: api attributes dfs diff http lfs lfs-server nls notes pack patch pgm reftree revplot revwalk storage submodule symlinks transport treewalk util To run all tests: bazel test //... To run specific tests, using labels: bazel test --test_tag_filters=api,dfs,revplot,treewalk //... Change-Id: Ic41b05a79d855212e67b1b4707e9c6b4dc9ea70d Signed-off-by: David Ostrovsky <> Signed-off-by: Jonathan Nieder <>
2017-03-21Delegate crypto algorithm creation to InsecureCipherFactoryDavid Ostrovsky1-5/+4
This is a preparation change to Bazel build implementation. Error Prone rejects the code with variable crypto algorithm as insecure see: [1]. [1] Change-Id: I92db70a7da454bc364597a995e8be5dccc2d6427 Signed-off-by: David Ostrovsky <>
2017-03-19bazel: Mark junit targets testonlyJonathan Nieder3-1/+4
Only testonly targets (such as tests) need to use junit. In particular this involves making the toplevel :all rule testonly. It's not clear to me what that rule is for --- "bazel build //..." already works to build all targets. In any case it appears to be for testing, so marking it as testonly shouldn't be harmful. Change-Id: I28ff508ab8ce2ec0a0111109110aa9680d30600e
2017-03-19bazel: Add explicit targets for library dependenciesJonathan Nieder7-14/+72
This provides a place to declare visibility restrictions and transitive dependencies for each library. Other targets should only declare dependencies on what they directly use, making dependencies easier to maintain. Trim the dependencies of org.eclipse.jgit:jgit to follow that rule. It declares dependencies on Apache httpcomponents and the servlet API but doesn't use them. Tested: * 'bazel build //...' succeeds * applying the change to a copy of Gerrit, following the instructions there, and running 'bazel test //...' in that copy of Gerrit still succeeds Change-Id: I3ab958ce8b3227019cdbe4cc81e0f042e1541034
2017-03-18Fix test configuration to run RacyGitTests, and fix testRacyGitDetectionDavid Pursehouse2-2/+14
With the filename suffix "Tests", the module was not included in tests when building with Maven, and without the @Test annotations the tests didn't get executed under Eclipse or buck test. testRacyGitDetection was failing because the index file did not exist. Add the missing configuration, the missing annotations, and add a call to reset() in testRacyGitDetection to force creation of the index file. Change-Id: I29dd8f89c36fef4ab40bedce7f4a26bd9b2390e4 Signed-off-by: David Pursehouse <>
2017-03-18LongObjectIdTest: Remove self comparison testDavid Ostrovsky1-1/+0
This fixes test flagged by error prone: error: [SelfComparison] An object is compared to itself assertEquals(0, id1.compareTo(id1)); Change-Id: Ife339c92b9570db2471a2fc029b3bfa114044790 Signed-off-by: David Ostrovsky <>
2017-03-18RevFlagSetTest: Fix compilation error flagged by error proneDavid Ostrovsky1-1/+0
This fixes error flagged by error prone: Java compilation in rule '//org.eclipse.jgit.test:jgit' failed: Worker process sent response with exit code: 1. org.eclipse.jgit.test/tst/org/eclipse/jgit/revwalk/ error: [CollectionIncompatibleType] Argument '"bob"' should not be passed to this method; its type String is not compatible with its collection's type argument RevFlag assertFalse(set.contains("bob")); Change-Id: I4a971ce92fee55e28b2ab0c7b716ac20fa9c6709 Signed-off-by: David Ostrovsky <>
2017-03-18Move SHA1 compress/recompress files to resource folderDavid Ostrovsky2-0/+0
This fixes Bazel build: in srcs attribute of java_library rule //org.eclipse.jgit:jgit: file '//org.eclipse.jgit:src/org/eclipse/jgit/util/sha1/SHA1.recompress' is misplaced here (expected .java, .srcjar or .properties). Another option that was considered is to exclude the non source files. Change-Id: I7083f27a4a49bf6681c85c7cf7b08a83c9a70c77 Signed-off-by: David Ostrovsky <>
2017-03-15Merge "Merge branch 'stable-4.6'"Matthias Sohn3-9/+40
2017-03-15Merge branch 'stable-4.6'Matthias Sohn3-9/+40
* stable-4.6: Don't remove pack when FileNotFoundException is transient Change-Id: I82941a98385cda27c89e1e6750b7b6db4e39f414 Signed-off-by: Matthias Sohn <>
2017-03-15Merge branch 'stable-4.5' into stable-4.6Matthias Sohn3-9/+40
* stable-4.5: Don't remove pack when FileNotFoundException is transient Change-Id: Ic17c542d78a4cad48ff1ed77dcdc853a4ef2dc06 Signed-off-by: Matthias Sohn <>
2017-03-15Don't remove pack when FileNotFoundException is transientLuca Milanesio3-9/+40
The FileNotFoundException is typically raised in three conditions: 1. file doesn't exist 2. incompatible read vs. read/write open modes 3. filesystem locking 4. temporary lack of resources (e.g. too many open files) 1. is already managed, 2. would never happen as packs are not overwritten while with 3. and 4. it is worth logging the exception and retrying to read the pack again. Log transient errors using an exponential backoff strategy to avoid flooding the logs with the same error if consecutive retries to access the pack fail repeatedly. Bug: 513435 Change-Id: I03c6f6891de3c343d3d517092eaa75dba282c0cd Signed-off-by: Luca Milanesio <> Signed-off-by: Matthias Sohn <>
2017-03-15Don't try to strip new line if the message buffer is emptyAndrey Loskutov1-2/+6
Bug: 513726 Change-Id: I0e7c19f8883b93bad1b9de166f671d28f3e9c240 Signed-off-by: Andrey Loskutov <>
2017-03-12Upgrade error_prone_core to 2.0.18David Pursehouse1-1/+1
Change-Id: I155a7ff1e2488c2184506e77d1a01fda06fb4d57 Signed-off-by: David Pursehouse <>
2017-03-09FetchCommand: Fix detection of submodule recursion modeDavid Pursehouse3-38/+116
The value was being read from the configuration of the submodule, but it should be read from the config of the parent repository. Also, the fetch.recurseSubmodules value from the parent repository's configuration was not being considered at all. Fix both of these and add tests. Now the precedence of the recurse mode is determined as follows: 1. Value passed to the API 2. Value configured in 3. Value configured in fetch.recurseSubmodules 4. Default to "on demand" Change-Id: Ic23b7c40b5f39135fb3fd754c597dd4bcc94240c
2017-03-09Silence API error reported in LfsProtocolServletMatthias Sohn1-0/+11
Breaking API for API implementors (not clients) in a minor release is ok following OSGi semantic versioning rules. Change-Id: I14bb4a3084b237b4cd893a130e148148cd1e5df9 Signed-off-by: Matthias Sohn <>
2017-03-09Update JGit version used to detect API changes to 4.6.0Matthias Sohn1-1/+1
We detect API changes during the Maven build using japicmp. Update the reference version to the latest minor version 4.6.0. Change-Id: I70f65f4a0680671612f21ee1afac7f7ef0152cbb Signed-off-by: Matthias Sohn <>
2017-03-09Update jsch version used in pom.xml to 0.1.54Matthias Sohn1-1/+1
We updated the version we use for packaging the p2 repository in efbecb97 but missed to update the version we compile against in the Maven build. Bug: 513354 Change-Id: I49afd89b43cfd8735568a86ef273723909d694a3 Signed-off-by: Matthias Sohn <>
2017-03-08LfsProtocolServlet: Pass HTTP Authorization header to getLargeFileRepositoryDavid Pursehouse2-3/+50
This allows implementations to reject operations that do not include proper authentication. Change-Id: If301476d8fb56a0899e424be3789c7576097d185 Signed-off-by: David Pursehouse <>
2017-03-07Merge branch 'stable-4.6'David Pursehouse0-0/+0
* stable-4.6: Prepare 4.6.2-SNAPSHOT builds JGit v4.6.1.201703071140-r Change-Id: Idb3088ab6e64fb49f817b95bc0fef0a9efb77374 Signed-off-by: David Pursehouse <>
2017-03-07Prepare 4.6.2-SNAPSHOT buildsMatthias Sohn56-312/+312
Change-Id: I8835f79145e6a989787d47322c3d8cb9baf0624a Signed-off-by: Matthias Sohn <>
2017-03-07JGit v4.6.1.201703071140-rv4.6.1.201703071140-rMatthias Sohn56-59/+59
Change-Id: I842dc95313e5b47b0b7ec983c4a0a91915ed4183 Signed-off-by: Matthias Sohn <>
2017-03-06Merge branch 'stable-4.6'David Pursehouse0-0/+0
* stable-4.6: Update Jetty to 9.4.1.v20170120 in buck build Update Jetty to 9.4.1.v20170120 Update build to use Tycho 1.0.0 Update minimum JDK version in README Change-Id: I735697c112094e883986ce13026d967291d88494 Signed-off-by: David Pursehouse <>
2017-03-06Update Jetty to 9.4.1.v20170120 in buck buildJonathan Nieder2-13/+14
5e8e2179b218ede7d14b69dc5149b0691b5859cf (Update Jetty to 9.4.1.v201470120, 2017-01-26) updated Jetty in the maven build. Update the buck build to match so buck builds work again. The buck build will go away soon, but in the meantime (until the bazel build gets the same level of support) it is convenient as a faster way of running tests than using maven. The bazel build doesn't need this change since it doesn't build or run http tests yet. Change-Id: Ibbdaf2880e76b32fc9f6b5605a2ff29e3deffda2 (cherry picked from commit 2470f01d0f8bca4c8c754475846c83b9f99c93b8)
2017-03-06Update Jetty to 9.4.1.v20170120Matthias Sohn15-103/+117
MappedLoginService is no longer available in Jetty 9.4 therefore base TestLoginService on AbstractLoginService. Apparently Jetty now uses slf4j hence adapt RecordingLogger accordingly so we can log error messages containing slf4j style formatting anchors "{}". Change-Id: Ibb36aba8782882936849b6102001a88b699bb65c Signed-off-by: Matthias Sohn <> (cherry picked from commit 5e8e2179b218ede7d14b69dc5149b0691b5859cf)
2017-03-06Update build to use Tycho 1.0.0Matthias Sohn1-1/+1
Change-Id: I10f61962e1496f079a39e0f533506816be56e925 Signed-off-by: Matthias Sohn <> (cherry picked from commit 92d8c9bec2bd990cec937b3a6c5f4ab4011d3f73)
2017-03-06Update minimum JDK version in READMEDavid Pursehouse1-1/+1
Change-Id: I655d896b268e946e3492661b08add0ebac22c6f0 Signed-off-by: David Pursehouse <> (cherry picked from commit 67da5635a47ad7680b3c60358a1fec080eef7d1e)
2017-03-03FetchCommand: Add basic support for recursing into submodulesDavid Pursehouse5-1/+492
Extend FetchCommand to expose a new method, setRecurseSubmodules(mode), which allows to set the mode to ON, OFF or ON_DEMAND. After fetching a repository, its submodules are recursively fetched: - When the mode is YES, submodules are always fetched. - When the mode is NO, submodules are not fetched. - When the mode is ON_DEMAND, submodules are only fetched when the parent repository receives an update of the submodule and the new revision is not already in the submodule. The mode is determined in the following order of precedence: - Value specified in the API call using setRecurseSubmodules. - Value specified in the repository's config under the key - Defaults to ON_DEMAND if neither of the previous is set. Extend FetchResult to recursively include results for submodules, as a map of the submodule path to an instance of FetchResult. Test setup is based on testCloneRepositoryWithNestedSubmodules. Change-Id: Ibc841683763307cb76e78e142e0da5b11b1add2a Signed-off-by: David Pursehouse <>
2017-03-03Remove unnecessary @SuppressWarnings("nls")David Pursehouse1-1/+0
Change-Id: Idc5f82af17ecc944b5657b02823412ea46b38413 Signed-off-by: David Pursehouse <>
2017-03-03Make Repository.normalizeBranchName less strictThomas Wolf2-129/+171
This operation was added recently with the goal to provide some way to auto-correct invalid user input, or to provide a correction suggestion to the user -- EGit uses it now that way. But the initial implementation was very restrictive; it removed all non-ASCII characters and even slashes. Understandably end users were not happy with that. Git has no such restriction to ASCII-only; nor does JGit. Branch names should be meaningful to the end user, and if a user-supplied branch name is invalid for technical reasons, a "normalized" name should still be meaningful to the user. Rewrite to attempt a minimal fix such that the result will pass isValidRefName. * Replace all Unicode whitespace by underscore. * Replace troublesome special characters by dash. * Collapse sequences of underscores, dots, and dashes. * Remove underscores, dots, and dashes following slashes, and collapse sequences of slashes. * Strip leading and trailing sequences of slashes, dots, dashes, and underscores. * Avoid the ".lock" extension. * Avoid the Windows reserved device names. * If input name is null return an empty String so callers don't need to check for null. This still allows branch names with single slashes as separators between components, avoids some pitfalls that isValidRefName() tests for, and leaves other character untouched and thus allows non-ASCII branch names. Also move the function from the bottom of the file up to where isValidRefName is implemented. Bug: 512508 Change-Id: Ia0576d9b2489162208c05e51c6d54e9f0c88c3a7 Signed-off-by: Thomas Wolf <> Signed-off-by: Matthias Sohn <>
2017-03-02Merge "SHA-1: collision detection support"Jonathan Nieder11-93/+1929
2017-02-28SHA-1: collision detection supportShawn Pearce11-93/+1929
Update SHA1 class to include a Java port of sha1dc[1]'s ubc_check, which can detect the attack pattern used by the SHAttered[2] authors. Given the shattered example files that have the same SHA-1, this modified implementation can identify there is risk of collision given only one file in the pair: $ jgit ... [main] WARN org.eclipse.jgit.util.sha1.SHA1 - SHA-1 collision 38762cf7f55934b34d179ae6a4c80cadccbb7f0a When JGit detects probability of a collision the SHA1 class now warns on the logger, reporting the object's SHA-1 hash, and then throws a Sha1CollisionException to the caller. From the paper[3] by Marc Stevens, the probability of a false positive identification of a collision is about 14 * 2^(-160), sufficiently low enough for any detected collision to likely be a real collision. git-core[4] may adopt sha1dc before the system migrates to an entirely new hash function. This commit enables JGit to remain compatible with that move to sha1dc, and help protect users by warning if similar attacks as SHAttered are identified. Performance declined about 8% (detection off), now: MessageDigest 238.41 MiB/s MessageDigest 244.52 MiB/s MessageDigest 244.06 MiB/s MessageDigest 242.58 MiB/s SHA1 216.77 MiB/s (was ~240.83 MiB/s) SHA1 220.98 MiB/s SHA1 221.76 MiB/s SHA1 221.34 MiB/s This decline in throughput is attributed to the step loop unrolling in compress(), which was necessary to easily fit the UbcCheck logic into the hash function. Using helper functions s1-s4 reduces the code explosion, providing acceptable throughput. With detection enabled (default): SHA1 detectCollision 180.12 MiB/s SHA1 detectCollision 181.59 MiB/s SHA1 detectCollision 181.64 MiB/s SHA1 detectCollision 182.24 MiB/s sha1dc (native C) ~206.28 MiB/s sha1dc (native C) ~204.47 MiB/s sha1dc (native C) ~203.74 MiB/s Average time across 100,000 calls to hash 4100 bytes (such as a commit or tree) for the various algorithms available to JGit also shows SHA1 is slower than MessageDigest, but by an acceptable margin: MessageDigest 17 usec SHA1 18 usec SHA1 detectCollision 22 usec Time to index-pack for git.git (217982 objects, 69 MiB) has increased: MessageDigest SHA1 w/ detectCollision ------------- ----------------------- 20.12s 25.25s 19.87s 25.48s 20.04s 25.26s avg 20.01s 25.33s +26% Being implemented in Java with these additional safety checks is clearly a penalty, but throughput is still acceptable given the increased security against object name collisions. [1] [2] [3] [4] Change-Id: I9fe4c6d8fc5e5a661af72cd3246c9e67b1b9fee6
2017-02-28Silence API error caused by changed return type of digest()Matthias Sohn2-1/+12
Change-Id: Ic0810ed7fea837c45cbc9a4649ca51d140bad6e6 Signed-off-by: Matthias Sohn <>
2017-02-28Correct the boolean logic for filtering pathsMagnus Vigerlöf7-11/+536
The TreeWalk filtering classes need to support the three different meanings of the return value the path comparison generates. A new path comparison method (isPathMatch) is created with three distinct return values (isPathPrefix use value '0' to encode two of these) which will makes it possible for the logical operators (especially NOT) to aggregate a correct verdict. A filter like: AND(Path("path"), NOT(Path("path/to/other"))) Should filter out 'path/to/other/file', but not 'path/to/my/file'. The path-limiting feature when testing path/to/my/file, would result to run test for the following paths: path path/to path/to/my path/to/my/file isPathPrefix('path/to/other') will return '0' for the first two and since there is no way for NOT to distinguish between an exact match and a match indicating that the tested path is a 'parent', it will incorrectly return false and thus remove everything below 'path' immediately. isPathMatch has a distinguished value for 'parent' matches that will be preserved through the logic operators and should not cause an over-eager removal of paths. The functionality of isPathPrefix is required by other parts and is untouched. Unit tests are included to ensure that the logical functionality is correct and can be preserved. Change-Id: Ice2ca9406f09f1b179569e99b86a0e5d77baa20d Signed-off-by: Magnus Vigerlöf <>
2017-02-26Merge "SHA1: support reset() and reuse instances"Jonathan Nieder6-11/+49
2017-02-26SHA1: support reset() and reuse instancesShawn Pearce6-11/+49
Allow SHA1 instances to be reused to compute another hash value, and resume caching them in ObjectInserter and PackParser. This shaves a small amount of running time off parsing git.git's pack file: before after ------ ------ 25.25s 25.55s 25.48s 25.06s 25.26s 24.94s Almost noise (small difference), but recycling the instances reduces some stress on the memory allocator finding two 80 word message block arrays needed for hashing and collision detection. Change-Id: I4af88a720e81460293bc5c5d1d3db1a831e7e228
2017-02-26Merge changes from topic 'SHAttered'Jonathan Nieder11-38/+480
* changes: Switch to pure Java SHA1 for ObjectId Pure Java SHA-1
2017-02-26Update Jetty to 9.4.1.v20170120 in buck buildJonathan Nieder2-13/+14
5e8e2179b218ede7d14b69dc5149b0691b5859cf (Update Jetty to 9.4.1.v201470120, 2017-01-26) updated Jetty in the maven build. Update the buck build to match so buck builds work again. The buck build will go away soon, but in the meantime (until the bazel build gets the same level of support) it is convenient as a faster way of running tests than using maven. The bazel build doesn't need this change since it doesn't build or run http tests yet. Change-Id: Ibbdaf2880e76b32fc9f6b5605a2ff29e3deffda2
2017-02-26Switch to pure Java SHA1 for ObjectIdShawn Pearce8-38/+104
Generate names for objects using only the pure Java SHA1 implementation, but continue using MessageDigest in tests. This opens the possibility of changing the hashing function to incorporate additional safety measures, such as those used in sha1dc[1]. Since MessageDigest has higher throughput, continue using MessageDigest for computing pack, idx and DirCache trailers. These are less likely to be sensitive to SHAttered[2] types of attacks, as Git uses them to detect random bit flips during transfer, and not for content identity. [1] [2] Change-Id: If6da98334201f7f20cb916e46f782c45f373784e
2017-02-26Pure Java SHA-1Shawn Pearce4-0/+376
This implementation is derived straight from the description written in RFC 3174. On Mac OS X with Java 1.8.0_91 it offers similar throughput as MessageDigest SHA-1: system 239.75 MiB/s system 244.71 MiB/s system 245.00 MiB/s system 244.92 MiB/s sha1 234.08 MiB/s sha1 244.50 MiB/s sha1 242.99 MiB/s sha1 241.73 MiB/s This is the fastest implementation I could come up with. Common SHA-1 implementation tricks such as unrolling loops creates a method too large for the JIT to effectively optimize, resulting in lower overall hashing throughput. Using a preprocessor to perform the register renaming of A-E also didn't help, as again the method was too large for the JIT to effectively optimize. Fortunately the fastest version is a naive, straight-forward implementation very close to the description in RFC 3174. Change-Id: I228b05c4a294ca2ad51386cf0e47978c68e1aa42
2017-02-20Remove unused imported package in org.eclipse.jgit.ant.testDavid Pursehouse1-1/+0
Change-Id: Id8e31a4d7cc25c3b953c67674797dc575b65f6c5 Signed-off-by: David Pursehouse <>
2017-02-20Enable and fix warnings about redundant specification of type argumentsDavid Pursehouse289-765/+765
Since the introduction of generic type parameter inference in Java 7, it's not necessary to explicitly specify the type of generic parameters. Enable the warning in Eclipse, and fix all occurrences. Change-Id: I9158caf1beca5e4980b6240ac401f3868520aad0 Signed-off-by: David Pursehouse <>
2017-02-20Fix hamcrest dependency in org.eclipse.jgit.ant.testDavid Pursehouse1-1/+1
Change-Id: I3361dce600698048b73a70cd991ad1a6b093e1da Signed-off-by: David Pursehouse <>
2017-02-20Add API filter for usage of FileRepository in test classesDavid Pursehouse1-0/+35
FileRepository is in the package org.eclipse.jgit.internal, and is thus non-API. This causes warnings in Eclipse when FileRepository is used. Add a filter to prevent the warnings. Change-Id: I9a8ae106c085bb0e826031fa183b4c4bdabcc5fc Signed-off-by: David Pursehouse <>
2017-02-20Fix bad test fix from 0bff481 "Limit receive commands"Shawn Pearce2-10/+15
In 0bff481d45db74db81a3b1b86f7401443a60d970 to accurately use the two limits it was necessary to move the LimitedInputStream out of the PacketLineIn and further down to the PackParser. Unfortuantely this didn't survive review, as a buggy test failed and the "fix" was to drop this part of the code. The maxPackSizeLimit should apply to the pack stream, not the pkt-line framing used to send commands to control the ReceivePack instance. The commands are controlled using a different limit. The failing test allowed too many bytes in the pack and was only failing because it was including the command framing. The correct fix for the test was simply to drop the limit lower, to more closely match the actual pack size. Change-Id: I47d3885b9d7d527e153df7ac9c62fc2865ceecf4
2017-02-20Fix timestamp in Zip archivesShawn Pearce1-3/+3
RevCommit.getCommitTime returns time in seconds since the epoch. ZipArchiveEntry.setTime expects time in milliseconds. Add the missing unit conversion to get the correct result. Correct formatting to be consistent with the rest of the code. Change-Id: I990b92f1d996ec8538d4857755694d91b142eb53
2017-02-19Add some more missing @Override annotationsDavid Pursehouse2-0/+2
Change-Id: Ic13160920b986edde87c928c473240cc9c034f50 Signed-off-by: David Pursehouse <>
2017-02-19Enable and fix 'Should be tagged with @Override' warningDavid Pursehouse347-18/+1011
Set missingOverrideAnnotation=warning in Eclipse compiler preferences which enables the warning: The method <method> of type <type> should be tagged with @Override since it actually overrides a superclass method Justification for this warning is described in: Enabling this causes in excess of 1000 warnings across the entire code-base. They are very easy to fix automatically with Eclipse's "Quick Fix" tool. Fix all of them except 2 which cause compilation failure when the project is built with mvn; add TODO comments on those for further investigation. Change-Id: I5772061041fd361fe93137fd8b0ad356e748a29c Signed-off-by: David Pursehouse <>
2017-02-19Update Jetty to 9.4.1.v20170120Matthias Sohn15-103/+117
MappedLoginService is no longer available in Jetty 9.4 therefore base TestLoginService on AbstractLoginService. Apparently Jetty now uses slf4j hence adapt RecordingLogger accordingly so we can log error messages containing slf4j style formatting anchors "{}". Change-Id: Ibb36aba8782882936849b6102001a88b699bb65c Signed-off-by: Matthias Sohn <>
2017-02-19Fix typo in @sinceThomas Wolf1-1/+1
Change-Id: I266b0c72d2827bcf2b86ddc6c1892d1a46c548eb Signed-off-by: Thomas Wolf <>

Back to the top