Log message:
git: updated to 2.26.0

Git 2.26 Release Notes
======================

Updates since v2.25
-------------------

Backward compatibility notes

 * "git rebase" uses a different backend that is based on the 'merge'
   machinery by default.  There are a few known differences in the
   behaviour from the traditional machinery based on patch+apply.

   If your workflow is negatively affected by this change, please
   report it to git@vger.kernel.org so that we can take a look into
   it.  After doing so, you can set the 'rebase.backend' configuration
   variable to 'apply', in order to use the old default behaviour in
   the meantime.

UI, Workflows & Features

 * Sample credential helper for using .netrc has been updated to work
   out of the box.

 * gpg.minTrustLevel configuration variable has been introduced to
   tell various signature verification codepaths the required minimum
   trust level.

 * The command line completion (in contrib/) learned to complete
   subcommands and arguments to "git worktree".

 * Disambiguation logic to tell revisions and pathspec apart has been
   tweaked so that backslash-escaped glob special characters do not
   count in the "wildcards are pathspec" rule.

 * One effect of specifying where the GIT_DIR is (either with the
   environment variable, or with the "git --git-dir=<where> cmd"
   option) is to disable the repository discovery.  This has been
   placed a bit more stress in the documentation, as new users often
   get confused.

 * Two help messages given when "git add" notices the user gave it
   nothing to add have been updated to use advise() API.

 * A new version of fsmonitor-watchman hook has been introduced, to
   avoid races.

 * "git config" learned to show in which "scope", in \ 
addition to in
   which file, each config setting comes from.

 * The basic 7 colors learned the brighter counterparts
   (e.g. "brightred").

 * "git sparse-checkout" learned a new "add" subcommand.

 * A configuration element used for credential subsystem can now use
   wildcard pattern to specify for which set of URLs the entry
   applies.

 * "git clone --recurse-submodules --single-branch" now uses the same
   single-branch option when cloning the submodules.

 * "git rm" and "git stash" learns the new \ 
"--pathspec-from-file"
   option.

 * "git am --show-current-patch" is a way to show the piece of e-mail
   for the stopped step, which is not suitable to directly feed "git
   apply" (it is designed to be a good "git am" input).  It learned a
   new option to show only the patch part.

 * Handling of conflicting renames in merge-recursive have further
   been made consistent with how existing codepaths try to mimic what
   is done to add/add conflicts.

Performance, Internal Implementation, Development Support etc.

 * Tell .editorconfig that in this project, *.txt files are indented
   with tabs.

 * The test-lint machinery knew to check "VAR=VAL shell_function"
   construct, but did not check "VAR= shell_function", which has been
   corrected.

 * Replace "git config --bool" calls with "git config \ 
--type=bool" in
   sample templates.

 * The effort to move "git-add--interactive" to C continues.

 * Improve error message generation for "git submodule add".

 * Preparation of test scripts for the day when the object names will
   use SHA-256 continues.

 * Warn programmers about pretend_object_file() that allows the code
   to tentatively use in-core objects.

 * The way "git pack-objects" reuses objects stored in existing pack
   to generate its result has been improved.

 * The transport protocol version 2 becomes the default one.

 * Traditionally, we avoided threaded grep while searching in objects
   (as opposed to files in the working tree) as accesses to the object
   layer is not thread-safe.  This limitation is getting lifted.

 * "git rebase -i" (and friends) used to unnecessarily check out the
   tip of the branch to be rebased, which has been corrected.

 * A low-level API function get_oid(), that accepts various ways to
   name an object, used to issue end-user facing error messages
   without l10n, which has been updated to be translatable.

 * Unneeded connectivity check is now disabled in a partial clone when
   fetching into it.

 * Some rough edges in the sparse-checkout feature, especially around
   the cone mode, have been cleaned up.

 * The diff-* plumbing family of subcommands now pay attention to the
   diff.wsErrorHighlight configuration, which has been ignored before;
   this allows "git add -p" to also show the whitespace problems to
   the end user.

 * Some codepaths were given a repository instance as a parameter to
   work in the repository, but passed the_repository instance to its
   callees, which has been cleaned up (somewhat).

 * Memory footprint and performance of "git name-rev" has been
   improved.

 * The object reachability bitmap machinery and the partial cloning
   machinery were not prepared to work well together, because some
   object-filtering criteria that partial clones use inherently rely
   on object traversal, but the bitmap machinery is an optimization
   to bypass that object traversal.  There however are some cases
   where they can work together, and they were taught about them.

 * "git rebase" has learned to use the merge backend (i.e. the
   machinery that drives "rebase -i") by default, while allowing
   "--apply" option to use the "apply" backend (e.g. the moral
   equivalent of "format-patch piped to am").  The rebase.backend
   configuration variable can be set to customize.

 * Underlying machinery of "git bisect--helper" is being refactored
   into pieces that are more easily reused.

Fixes since v2.25
-----------------

 * "git commit" gives output similar to "git status" when \ 
there is
   nothing to commit, but without honoring the advise.statusHints
   configuration variable, which has been corrected.

 * has_object_file() said "no" given an object registered to the
   system via pretend_object_file(), making it inconsistent with
   read_object_file(), causing lazy fetch to attempt fetching an
   empty tree from promisor remotes.

 * Complete an update to tutorial that encourages "git switch" over
   "git checkout" that was done only half-way.

 * C pedantry ;-) fix.

 * The code that tries to skip over the entries for the paths in a
   single directory using the cache-tree was not careful enough
   against corrupt index file.

 * Reduce unnecessary round-trip when running "ls-remote" over the
   stateless RPC mechanism.

 * "git restore --staged" did not correctly update the cache-tree
   structure, resulting in bogus trees to be written afterwards, which
   has been corrected.

 * The code recently added to move to the entry beyond the ones in the
   same directory in the index in the sparse-cone mode did not count
   the number of entries to skip over incorrectly, which has been
   corrected.

 * Rendering by "git log --graph" of ancestry lines leading to a merge
   commit were made suboptimal to waste vertical space a bit with a
   recent update, which has been corrected.

 * Work around test breakages caused by custom regex engine used in
   libasan, when address sanitizer is used with more recent versions
   of gcc and clang.

 * Minor bugfixes to "git add -i" that has recently been rewritten in C.

 * "git fetch --refmap=" option has got a better documentation.

 * "git checkout X" did not correctly fail when X is not a local
   branch but could name more than one remote-tracking branches
   (i.e. to be dwimmed as the starting point to create a corresponding
   local branch), which has been corrected.
   (merge fa74180d08 am/checkout-file-and-ref-ref-ambiguity later to maint).

 * Corner case bugs in "git clean" that stems from a (necessarily for
   performance reasons) awkward calling convention in the directory
   enumeration API has been corrected.

 * A fetch that is told to recursively fetch updates in submodules
   inevitably produces reams of output, and it becomes hard to spot
   error messages.  The command has been taught to enumerate
   submodules that had errors at the end of the operation.
   (merge 0222540827 es/fetch-show-failed-submodules-atend later to maint).

 * The "--recurse-submodules" option of various subcommands did not
   work well when run in an alternate worktree, which has been
   corrected.

 * Futureproofing a test not to depend on the current implementation
   detail.

 * Running "git rm" on a submodule failed unnecessarily when
   .gitmodules is only cache-dirty, which has been corrected.

 * C pedantry ;-) fix.

 * "git grep --no-index" should not get affected by the contents of
   the .gitmodules file but when "--recurse-submodules" is given or
   the "submodule.recurse" variable is set, it did.  Now these
   settings are ignored in the "--no-index" mode.

 * Technical details of the bundle format has been documented.

 * Unhelpful warning messages during documentation build have been squelched.

 * "git rebase -i" identifies existing commits in its todo file with
   their abbreviated object name, which could become ambiguous as it
   goes to create new commits, and has a mechanism to avoid ambiguity
   in the main part of its execution.  A few other cases however were
   not covered by the protection against ambiguity, which has been
   corrected.

 * Allow the rebase.missingCommitsCheck configuration to kick in when
   "rebase --edit-todo" and "rebase --continue" restarts the \ 
procedure.
   (merge 5a5445d878 ag/edit-todo-drop-check later to maint).

 * The way "git submodule status" reports an initialized but not yet
   populated submodule has not been reimplemented correctly when a
   part of the "git submodule" command was rewritten in C, which has
   been corrected.
   (merge f38c92452d pk/status-of-uncloned-submodule later to maint).

 * The code to automatically shrink the fan-out in the notes tree had
   an off-by-one bug, which has been killed.

 * The index-pack code now diagnoses a bad input packstream that
   records the same object twice when it is used as delta base; the
   code used to declare a software bug when encountering such an
   input, but it is an input error.

 * The code to compute the commit-graph has been taught to use a more
   robust way to tell if two object directories refer to the same
   thing.
   (merge a7df60cac8 tb/commit-graph-object-dir later to maint).

 * "git remote rename X Y" needs to adjust configuration variables
   (e.g. branch.<name>.remote) whose value used to be X to Y.
   branch.<name>.pushRemote is now also updated.

 * Update to doc-diff.

 * Doc markup fix.

 * "git check-ignore" did not work when the given path is explicitly
   marked as not ignored with a negative entry in the .gitignore file.

 * The merge-recursive machinery failed to refresh the cache entry for
   a merge result in a couple of places, resulting in an unnecessary
   merge failure, which has been fixed.

 * Fix for a bug revealed by a recent change to make the protocol v2
   the default.

 * In rare cases "git worktree add <path>" could think that \ 
<path>
   was already a registered worktree even when it wasn't and refuse
   to add the new worktree. This has been corrected.
   (merge bb69b3b009 es/worktree-avoid-duplication-fix later to maint).

 * "git push" should stop from updating a branch that is checked out
   when receive.denyCurrentBranch configuration is set, but it failed
   to pay attention to checkouts in secondary worktrees.  This has
   been corrected.
   (merge 4d864895a2 hv/receive-denycurrent-everywhere later to maint).

 * "git rebase BASE BRANCH" rebased/updated the tip of BRANCH and
   checked it out, even when the BRANCH is checked out in a different
   worktree.  This has been corrected.
   (merge b5cabb4a96 es/do-not-let-rebase-switch-to-protected-branch later to maint).

 * "git describe" in a repository with multiple root commits sometimes
   gave up looking for the best tag to describe a given commit with
   too early, which has been adjusted.

 * "git merge signed-tag" while lacking the public key started to say
   "No signature", which was utterly wrong.  This regression has been
   reverted.

 * MinGW's poll() emulation has been improved.

 * "git show" and others gave an object name in raw format in its
   error output, which has been corrected to give it in hex.

 * "git fetch" over HTTP walker protocol did not show any progress
   output.  We inherently do not know how much work remains, but still
   we can show something not to bore users.
   (merge 7655b4119d rs/show-progress-in-dumb-http-fetch later to maint).

 * Both "git ls-remote -h" and "git grep -h" give short \ 
usage help,
   like any other Git subcommand, but it is not unreasonable to expect
   that the former would behave the same as "git ls-remote --head"
   (there is no other sensible behaviour for the latter).  The
   documentation has been updated in an attempt to clarify this.

Log message:
devel/git-base: fix typo in patch

Log message:
git: updated to 2.52.2

Git 2.25.2 Release Notes
========================

Fixes since v2.25.1
-------------------

 * Minor bugfixes to "git add -i" that has recently been rewritten in C.

 * An earlier update to show the location of working tree in the error
   message did not consider the possibility that a git command may be
   run in a bare repository, which has been corrected.

 * The "--recurse-submodules" option of various subcommands did not
   work well when run in an alternate worktree, which has been
   corrected.

 * Running "git rm" on a submodule failed unnecessarily when
   .gitmodules is only cache-dirty, which has been corrected.

 * "git rebase -i" identifies existing commits in its todo file with
   their abbreviated object name, which could become ambigous as it
   goes to create new commits, and has a mechanism to avoid ambiguity
   in the main part of its execution.  A few other cases however were
   not covered by the protection against ambiguity, which has been
   corrected.

 * The index-pack code now diagnoses a bad input packstream that
   records the same object twice when it is used as delta base; the
   code used to declare a software bug when encountering such an
   input, but it is an input error.

 * The code to automatically shrink the fan-out in the notes tree had
   an off-by-one bug, which has been killed.

 * "git check-ignore" did not work when the given path is explicitly
   marked as not ignored with a negative entry in the .gitignore file.

 * The merge-recursive machinery failed to refresh the cache entry for
   a merge result in a couple of places, resulting in an unnecessary
   merge failure, which has been fixed.

 * Fix for a bug revealed by a recent change to make the protocol v2
   the default.

 * "git merge signed-tag" while lacking the public key started to say
   "No signature", which was utterly wrong.  This regression has been
   reverted.

 * MinGW's poll() emulation has been improved.

 * "git show" and others gave an object name in raw format in its
   error output, which has been corrected to give it in hex.

 * Both "git ls-remote -h" and "git grep -h" give short \ 
usage help,
   like any other Git subcommand, but it is not unreasonable to expect
   that the former would behave the same as "git ls-remote --head"
   (there is no other sensible behaviour for the latter).  The
   documentation has been updated in an attempt to clarify this.

Also contains various documentation updates, code clean-ups and minor fixups.

Log message:
*: recursive bump for libffi

Log message:
git: updated to 2.25.1

Git 2.25.1 Release Notes
========================

Fixes since v2.25
-----------------

 * "git commit" gives output similar to "git status" when \ 
there is
   nothing to commit, but without honoring the advise.statusHints
   configuration variable, which has been corrected.

 * has_object_file() said "no" given an object registered to the
   system via pretend_object_file(), making it inconsistent with
   read_object_file(), causing lazy fetch to attempt fetching an
   empty tree from promisor remotes.

 * The code that tries to skip over the entries for the paths in a
   single directory using the cache-tree was not careful enough
   against corrupt index file.

 * Complete an update to tutorial that encourages "git switch" over
   "git checkout" that was done only half-way.

 * Reduce unnecessary round-trip when running "ls-remote" over the
   stateless RPC mechanism.

 * "git restore --staged" did not correctly update the cache-tree
   structure, resulting in bogus trees to be written afterwards, which
   has been corrected.

 * The code recently added to move to the entry beyond the ones in the
   same directory in the index in the sparse-cone mode did not count
   the number of entries to skip over incorrectly, which has been
   corrected.

 * Work around test breakages caused by custom regex engine used in
   libasan, when address sanitizer is used with more recent versions
   of gcc and clang.

 * "git fetch --refmap=" option has got a better documentation.

 * Corner case bugs in "git clean" that stems from a (necessarily for
   performance reasons) awkward calling convention in the directory
   enumeration API has been corrected.

 * "git grep --no-index" should not get affected by the contents of
   the .gitmodules file but when "--recurse-submodules" is given or
   the "submodule.recurse" variable is set, it did.  Now these
   settings are ignored in the "--no-index" mode.

 * Technical details of the bundle format has been documented.

 * Unhelpful warning messages during documentation build have been
   squelched.

Log message:
git: updated to 2.25.0

Git 2.25 Release Notes
======================

Updates since v2.24
-------------------

Backward compatibility notes

UI, Workflows & Features

 * A tutorial on object enumeration has been added.

 * The branch description ("git branch --edit-description") has been
   used to fill the body of the cover letters by the format-patch
   command; this has been enhanced so that the subject can also be
   filled.

 * "git rebase --preserve-merges" has been marked as deprecated; this
   release stops advertising it in the "git rebase -h" output.

 * The code to generate multi-pack index learned to show (or not to
   show) progress indicators.

 * "git apply --3way" learned to honor merge.conflictStyle
   configuration variable, like merges would.

 * The custom format for "git log --format=<format>" learned the l/L
   placeholder that is similar to e/E that fills in the e-mail
   address, but only the local part on the left side of '@'.

 * Documentation pages for "git shortlog" now list commit limiting
   options explicitly.

 * The patterns to detect function boundary for Elixir language has
   been added.

 * The completion script (in contrib/) learned that the "--onto"
   option of "git rebase" can take its argument as the value of the
   option.

 * The userdiff machinery has been taught that "async def" is another
   way to begin a "function" in Python.

 * "git range-diff" learned to take the \ 
"--notes=<ref>" and the
   "--no-notes" options to control the commit notes included in the
   log message that gets compared.

 * "git rev-parse --show-toplevel" run outside of any working tree did
   not error out, which has been corrected.

 * A few commands learned to take the pathspec from the standard input
   or a named file, instead of taking it as the command line
   arguments, with the "--pathspec-from-file" option.

 * "git submodule" learned a subcommand "set-url".

 * "git log" family learned "--pretty=reference" that gives \ 
the name
   of a commit in the format that is often used to refer to it in log
   messages.

 * The interaction between "git clone --recurse-submodules" and
   alternate object store was ill-designed.  The documentation and
   code have been taught to make more clear recommendations when the
   users see failures.

 * Management of sparsely checked-out working tree has gained a
   dedicated "sparse-checkout" command.

 * Miscellaneous small UX improvements on "git-p4".

 * "git sparse-checkout list" subcommand learned to give its output in
   a more concise form when the "cone" mode is in effect.

Performance, Internal Implementation, Development Support etc.

 * Debugging support for lazy cloning has been a bit improved.

 * Move the definition of a set of bitmask constants from 0ctal
   literal to (1U<<count) notation.

 * Test updates to prepare for SHA-2 transition continues.

 * Crufty code and logic accumulated over time around the object
   parsing and low-level object access used in "git fsck" have been
   cleaned up.

 * The implementation of "git log --graph" got refactored and then its
   output got simplified.

 * Follow recent push to move API docs from Documentation/ to header
   files and update config.h

 * "git bundle" has been taught to use the parse options API.  "git
   bundle verify" learned "--quiet" and "git bundle \ 
create" learned
   options to control the progress output.

 * Handling of commit objects that use non UTF-8 encoding during
   "rebase -i" has been improved.

 * The beginning of rewriting "git add -i" in C.

 * A label used in the todo list that are generated by "git rebase
   --rebase-merges" is used as a part of a refname; the logic to come
   up with the label has been tightened to avoid names that cannot be
   used as such.

 * The logic to avoid duplicate label names generated by "git rebase
   --rebase-merges" forgot that the machinery itself uses "onto" as a
   label name, which must be avoided by auto-generated labels, which
   has been corrected.

 * We have had compatibility fallback macro definitions for "PRIuMAX",
   "PRIu32", etc. but did not for "PRIdMAX", while the code \ 
used the
   last one apparently without any hiccup reported recently.  The
   fallback macro definitions for these <inttypes.h> macros that must
   appear in C99 systems have been removed.

 * Recently we have declared that GIT_TEST_* variables take the
   usual boolean values (it used to be that some used "non-empty
   means true" and taking GIT_TEST_VAR=YesPlease as true); make
   sure we notice and fail when non-bool strings are given to
   these variables.

 * Users of oneway_merge() (like "reset --hard") learned to take
   advantage of fsmonitor to avoid unnecessary lstat(2) calls.

 * Performance tweak on "git push" into a repository with many refs
   that point at objects we have never heard of.

 * PerfTest fix to avoid stale result mixed up with the latest round
   of test results.

 * Hide lower-level verify_signed-buffer() API as a pure helper to
   implement the public check_signature() function, in order to
   encourage new callers to use the correct and more strict
   validation.

 * Unnecessary reading of state variables back from the disk during
   sequencer operation has been reduced.

 * The code has been made to avoid gmtime() and localtime() and prefer
   their reentrant counterparts.

 * In a repository with many packfiles, the cost of the procedure that
   avoids registering the same packfile twice was unnecessarily high
   by using an inefficient search algorithm, which has been corrected.

 * Redo "git name-rev" to avoid recursive calls.

 * FreeBSD CI support via Cirrus-CI has been added.

Fixes since v2.24
-----------------

 * "rebase -i" ceased to run post-commit hook by mistake in an earlier
   update, which has been corrected.

 * "git notes copy $original" ought to copy the notes attached to the
   original object to HEAD, but a mistaken tightening to command line
   parameter validation made earlier disabled that feature by mistake.

 * When all files from some subdirectory were renamed to the root
   directory, the directory rename heuristics would fail to detect that
   as a rename/merge of the subdirectory to the root directory, which has
   been corrected.

 * Code clean-up and a bugfix in the logic used to tell worktree local
   and repository global refs apart.

 * "git stash save" in a working tree that is sparsely checked out
   mistakenly removed paths that are outside the area of interest.

 * "git rev-parse --git-path HEAD.lock" did not give the right path
   when run in a secondary worktree.

 * "git merge --no-commit" needs "--no-ff" if you do not \ 
want to move
   HEAD, which has been corrected in the manual page for "git bisect".

 * "git worktree add" internally calls "reset --hard" that \ 
should not
   descend into submodules, even when submodule.recurse configuration
   is set, but it was affected.  This has been corrected.

 * Messages from die() etc. can be mixed up from multiple processes
   without even line buffering on Windows, which has been worked
   around.

 * HTTP transport had possible allocator/deallocator mismatch, which
   has been corrected.

 * The watchman integration for fsmonitor was racy, which has been
   corrected to be more conservative.

 * Fetching from multiple remotes into the same repository in parallel
   had a bad interaction with the recent change to (optionally) update
   the commit-graph after a fetch job finishes, as these parallel
   fetches compete with each other.  Which has been corrected.

 * Recent update to "git stash pop" made the command empty the index
   when run with the "--quiet" option, which has been corrected.

 * "git fetch" codepath had a big "do not lazily fetch missing objects
   when I ask if something exists" switch.  This has been corrected by
   marking the "does this thing exist?" calls with "if not please \ 
do not
   lazily fetch it" flag.

 * Test update to avoid wasted cycles.

 * Error handling after "git push" finishes sending the packdata and
   waits for the response to the remote side has been improved.

 * Some codepaths in "gitweb" that forgot to escape URLs generated
   based on end-user input have been corrected.

 * CI jobs for macOS has been made less chatty when updating perforce
   package used during testing.

 * "git unpack-objects" used to show progress based only on the number
   of received and unpacked objects, which stalled when it has to
   handle an unusually large object.  It now shows the throughput as
   well.

 * The sequencer machinery compared the HEAD and the state it is
   attempting to commit to decide if the result would be a no-op
   commit, even when amending a commit, which was incorrect, and
   has been corrected.

 * The code to parse GPG output used to assume incorrectly that the
   finterprint for the primary key would always be present for a valid
   signature, which has been corrected.

 * "git submodule status" and "git submodule status \ 
--cached" show
   different things, but the documentation did not cover them
   correctly, which has been corrected.

 * "git reset --patch $object" without any pathspec should allow a
   tree object to be given, but incorrectly required a committish,
   which has been corrected.

 * "git submodule status" that is run from a subdirectory of the
   superproject did not work well, which has been corrected.

 * The revision walking machinery uses resources like per-object flag
   bits that need to be reset before a new iteration of walking
   begins, but the resources related to topological walk were not
   cleared correctly, which has been corrected.

 * TravisCI update.

 * While running "revert" or "cherry-pick --edit" for multiple
   commits, a recent regression incorrectly detected "nothing to
   commit, working tree clean", instead of replaying the commits,
   which has been corrected.

 * Work around a issue where a FD that is left open when spawning a
   child process and is kept open in the child can interfere with the
   operation in the parent process on Windows.

 * One kind of progress messages were always given during commit-graph
   generation, instead of following the "if it takes more than two
   seconds, show progress" pattern, which has been corrected.

 * "git rebase" did not work well when format.useAutoBase
   configuration variable is set, which has been corrected.

 * The "diff" machinery learned not to lose added/removed blank lines
   in the context when --ignore-blank-lines and --function-context are
   used at the same time.

 * The test on "fast-import" used to get stuck when \ 
"fast-import" died
   in the middle.

 * "git format-patch" can take a set of configured format.notes values
   to specify which notes refs to use in the log message part of the
   output.  The behaviour of this was not consistent with multiple
   --notes command line options, which has been corrected.

 * "git p4" used to ignore lfs.storage configuration variable, which
   has been corrected.

 * Assorted fixes to the directory traversal API.

 * Forbid pathnames that the platform's filesystem cannot represent on
   MinGW.

 * "git rebase --signoff" stopped working when the command was written
   in C, which has been corrected.

 * An earlier update to Git for Windows declared that a tree object is
   invalid if it has a path component with backslash in it, which was
   overly strict, which has been corrected.  The only protection the
   Windows users need is to prevent such path (or any path that their
   filesystem cannot check out) from entering the index.

 * The code to write split commit-graph file(s) upon fetching computed
   bogus value for the parameter used in splitting the resulting
   files, which has been corrected.

 * Other code cleanup, docfix, build fix, etc.

Log message:
*: Recursive revision bump for openssl 1.1.1.

Log message:
*: Recursive revbump from devel/boost-libs

Log message:
git-base: Use bash to run tests

At least with NetBSD (9.99.17) sh(1) the `streaming support for --stdin'
test of t0008-ignores.sh hangs.  Force to use bash for tests and add it as a
test dependency. (This needs to be investigate further.)

The entire test suite is now runs but at least on NetBSD 9.99.17
t0301-credential-cache.sh test 29 `use user socket if user directory
exists' and test 30 `use user socket if user directory is a symlink to
a directory' fail.

Log message:
git: Update to 2.24.1

Changes:
2.24.1
======

This release merges up the fixes that appear in v2.14.6, v2.15.4,
v2.17.3, v2.20.2 and in v2.21.1, addressing the security issues
CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351,
CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, and
CVE-2019-19604.

 * CVE-2019-1348:
   The --export-marks option of git fast-import is exposed also via
   the in-stream command feature export-marks=... and it allows
   overwriting arbitrary paths.

 * CVE-2019-1349:
   When submodules are cloned recursively, under certain circumstances
   Git could be fooled into using the same Git directory twice. We now
   require the directory to be empty.

 * CVE-2019-1350:
   Incorrect quoting of command-line arguments allowed remote code
   execution during a recursive clone in conjunction with SSH URLs.

 * CVE-2019-1351:
   While the only permitted drive letters for physical drives on
   Windows are letters of the US-English alphabet, this restriction
   does not apply to virtual drives assigned via subst <letter>:
   <path>. Git mistook such paths for relative paths, allowing writing
   outside of the worktree while cloning.

 * CVE-2019-1352:
   Git was unaware of NTFS Alternate Data Streams, allowing files
   inside the .git/ directory to be overwritten during a clone.

 * CVE-2019-1353:
   When running Git in the Windows Subsystem for Linux (also known as
   "WSL") while accessing a working directory on a regular Windows
   drive, none of the NTFS protections were active.

 * CVE-2019-1354:
   Filenames on Linux/Unix can contain backslashes. On Windows,
   backslashes are directory separators. Git did not use to refuse to
   write out tracked files with such filenames.

 * CVE-2019-1387:
   Recursive clones are currently affected by a vulnerability that is
   caused by too-lax validation of submodule names, allowing very
   targeted attacks via remote code execution in recursive clones.

Credit for finding these vulnerabilities goes to Microsoft Security
Response Center, in particular to Nicolas Joly. The `fast-import`
fixes were provided by Jeff King, the other fixes by Johannes
Schindelin with help from Garima Singh.

 * CVE-2019-19604:
   The change to disallow `submodule.<name>.update=!command` entries in
   `.gitmodules` which was introduced v2.15.4 (and for which v2.17.3
   added explicit fsck checks) fixes the vulnerability in v2.20.x where
   a recursive clone followed by a submodule update could execute code
   contained within the repository without the user explicitly having
   asked for that.

Credit for finding this vulnerability goes to Joern Schneeweisz,
credit for the fixes goes to Jonathan Nieder.