From 9429be69c85442e744ef697bd79bad3fb4236e0a Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 04:21:49 -0500 Subject: [PATCH 01/34] Special-case Python 3.7 for OSes we can install it on This is analogous to the 3.7-related CI change in gitdb that was part of https://github.com/gitpython-developers/gitdb/pull/114, as to part of https://github.com/gitpython-developers/smmap/pull/58. Since some tests are not yet passing on 3.13, this does not add 3.13 to CI, nor to the documentation of supported versions in `setup.py`. Note that the list there is not enforced; GitPython can already be installed on Python 3.13 and probably *mostly* works. (See https://github.com/gitpython-developers/GitPython/pull/1955 for details on other changes that should be made to fully support running GitPython on Python 3.13.) --- .github/workflows/pythonpackage.yml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 747db62f0..deebe9e11 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -11,15 +11,19 @@ permissions: jobs: build: strategy: - fail-fast: false matrix: - os: ["ubuntu-22.04", "macos-latest", "windows-latest"] - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"] - exclude: - - os: "macos-latest" - python-version: "3.7" + os: [ubuntu-latest, macos-latest, windows-latest] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] include: - experimental: false + - os: ubuntu-22.04 + python-version: "3.7" + experimental: false + - os: windows-latest + python-version: "3.7" + experimental: false + + fail-fast: false runs-on: ${{ matrix.os }} From affab8eda6a716363bc36c703de305676afc4ae3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 13:14:20 +0000 Subject: [PATCH 02/34] Bump Vampire/setup-wsl from 3.1.1 to 4.0.0 Bumps [Vampire/setup-wsl](https://github.com/vampire/setup-wsl) from 3.1.1 to 4.0.0. - [Release notes](https://github.com/vampire/setup-wsl/releases) - [Commits](https://github.com/vampire/setup-wsl/compare/v3.1.1...v4.0.0) --- updated-dependencies: - dependency-name: Vampire/setup-wsl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pythonpackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index deebe9e11..b8e6391a1 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -44,7 +44,7 @@ jobs: - name: Set up WSL (Windows) if: startsWith(matrix.os, 'windows') - uses: Vampire/setup-wsl@v3.1.1 + uses: Vampire/setup-wsl@v4.0.0 with: distribution: Alpine additional-packages: bash From 01e40a7b06c4ba3d0cf937ba0974949392446b51 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 04:38:44 -0500 Subject: [PATCH 03/34] Do everything in the venv in the Alpine test --- .github/workflows/alpine-test.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/alpine-test.yml b/.github/workflows/alpine-test.yml index 2c1eed391..8c00b1086 100644 --- a/.github/workflows/alpine-test.yml +++ b/.github/workflows/alpine-test.yml @@ -16,10 +16,10 @@ jobs: steps: - name: Prepare Alpine Linux run: | - apk add sudo git git-daemon python3 py3-pip + apk add sudo git git-daemon python3 py3-pip py3-setuptools py3-virtualenv py3-wheel echo 'Defaults env_keep += "CI GITHUB_* RUNNER_*"' >/etc/sudoers.d/ci_env addgroup -g 127 docker - adduser -D -u 1001 runner + adduser -D -u 1001 runner # TODO: Check if this still works on GHA as intended. adduser runner docker shell: sh -exo pipefail {0} # Run this as root, not the "runner" user. @@ -50,17 +50,14 @@ jobs: . .venv/bin/activate printf '%s=%s\n' 'PATH' "$PATH" 'VIRTUAL_ENV' "$VIRTUAL_ENV" >>"$GITHUB_ENV" - - name: Update PyPA packages - run: | - # Get the latest pip, wheel, and prior to Python 3.12, setuptools. - python -m pip install -U pip $(pip freeze --all | grep -ow ^setuptools) wheel - - name: Install project and test dependencies run: | + . .venv/bin/activate pip install ".[test]" - name: Show version and platform information run: | + . .venv/bin/activate uname -a command -v git python git version @@ -69,4 +66,5 @@ jobs: - name: Test with pytest run: | + . .venv/bin/activate pytest --color=yes -p no:sugar --instafail -vv From 0300de986ef78a4e7a5562638592f5e91bfd8fa7 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 05:24:47 -0500 Subject: [PATCH 04/34] Instrument `handle_process_output` test To try to find the bug that causes it to fail on Cygwin on CI, but not on other systems on CI, and not locally on Cygwin. It looks like there's an extra line being read from stderr when the test fails, so let's examine the lines themselves. --- test/test_git.py | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/test/test_git.py b/test/test_git.py index 94e68ecf0..3f9687dfe 100644 --- a/test/test_git.py +++ b/test/test_git.py @@ -762,14 +762,17 @@ def test_environment(self, rw_dir): def test_handle_process_output(self): from git.cmd import handle_process_output, safer_popen - line_count = 5002 - count = [None, 0, 0] + expected_line_count = 5002 + line_counts = [None, 0, 0] + lines = [None, [], []] - def counter_stdout(line): - count[1] += 1 + def stdout_handler(line): + line_counts[1] += 1 + lines[1].append(line) - def counter_stderr(line): - count[2] += 1 + def stderr_handler(line): + line_counts[2] += 1 + lines[2].append(line) cmdline = [ sys.executable, @@ -784,10 +787,10 @@ def counter_stderr(line): shell=False, ) - handle_process_output(proc, counter_stdout, counter_stderr, finalize_process) + handle_process_output(proc, stdout_handler, stderr_handler, finalize_process) - self.assertEqual(count[1], line_count) - self.assertEqual(count[2], line_count) + self.assertEqual(line_counts[1], expected_line_count, repr(lines[1])) + self.assertEqual(line_counts[2], expected_line_count, repr(lines[2])) def test_execute_kwargs_set_agrees_with_method(self): parameter_names = inspect.signature(cmd.Git.execute).parameters.keys() From a0f8425c94992bdf3fdde9cbf7c3c7f9dc12e52c Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 05:28:31 -0500 Subject: [PATCH 05/34] Slightly simplify and clarify instrumented code --- test/test_git.py | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/test/test_git.py b/test/test_git.py index 3f9687dfe..274511f8d 100644 --- a/test/test_git.py +++ b/test/test_git.py @@ -763,16 +763,13 @@ def test_handle_process_output(self): from git.cmd import handle_process_output, safer_popen expected_line_count = 5002 - line_counts = [None, 0, 0] - lines = [None, [], []] + actual_lines = [None, [], []] def stdout_handler(line): - line_counts[1] += 1 - lines[1].append(line) + actual_lines[1].append(line) def stderr_handler(line): - line_counts[2] += 1 - lines[2].append(line) + actual_lines[2].append(line) cmdline = [ sys.executable, @@ -789,8 +786,8 @@ def stderr_handler(line): handle_process_output(proc, stdout_handler, stderr_handler, finalize_process) - self.assertEqual(line_counts[1], expected_line_count, repr(lines[1])) - self.assertEqual(line_counts[2], expected_line_count, repr(lines[2])) + self.assertEqual(len(actual_lines[1]), expected_line_count, repr(actual_lines[1])) + self.assertEqual(len(actual_lines[2]), expected_line_count, repr(actual_lines[2])) def test_execute_kwargs_set_agrees_with_method(self): parameter_names = inspect.signature(cmd.Git.execute).parameters.keys() From 4aad37a303ca51a594700976b04e17f0f835d61d Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 06:00:23 -0500 Subject: [PATCH 06/34] Improve environment isolation in Cygwin and Alpine Linux on CI The main change here is to the Cygwin test workflow, which now runs the tests in a venv (a Python virtual environment), to avoid mixing up our intended dependencies with other files installed by Python related packages on the system. This should either fix the problem where `test_handle_process_output` reports an extra line in stderr for the `cat_file.py` subprocess on CI or Cygwin, or at least make it somewhat easier to continue investigating the problem. I think this change is also valuable for its own sake. The connection to the `test_handle_process_output` failure is that the extra line in stderr appears at the beginning and is an error message about a missing import needed for subprocess code coverage. With the recently added more detailed error reporting, it shows: self.assertEqual(line_counts[1], expected_line_count, repr(lines[1])) > self.assertEqual(line_counts[2], expected_line_count, repr(lines[2])) E AssertionError: 5003 != 5002 : ['pytest-cov: Failed to setup subprocess coverage. Environ: {\'COV_CORE_SOURCE\': \'git\', \'COV_CORE_CONFIG\': \':\', \'COV_CORE_DATAFILE\': \'/cygdrive/d/a/GitPython/GitPython/.coverage\'} Exception: ModuleNotFoundError("No module named \'iniconfig\'")\n', 'From github.com:jantman/gitpython_issue_301\n', ' = [up to date] master -> origin/master\n', ' = [up to date] testcommit1 -> origin/testcommit1\n', ' = [up to date] testcommit10 -> origin/testcommit10\n', ' = [up to date] testcommit100 -> origin/testcommit100\n', ' = [up to date] testcommit1000 -> origin/testcommit1000\n', ' = [up to date] testcommit1001 -> origin/testcommit1001\n', ' = [up to date] testcommit1002 -> origin/testcommit1002\n', ' = [up to date] testcommit1003 -> origin/testcommit1003\n', ' = [up to date] testcommit1004 -> origin/testcommit1004\n', ' = [up to date] testcommit1005 -> origin/testcommit1005\n', ' = [up to date] testcommit test/test_git.py:793: AssertionError This could possibly be worked around by attempting to install a package to provide `iniconfig`, by configuring `pytest-cov` in a way that does not require it, or by temporarily disabling code coverage reports on Cygwin. Before exploring those or other options, this change seeks to prepare a more isolated environment in which different package versions are more likely to work properly together. In addition to that change to the Cygwin workflow, this also changes the way the Alpine Linux test workflow is made to use a venv, using the technique that is used here, and undoing some changes in the Alpine Linux workflow that should not be necessary. The reason for making that change together with this Cygwin change is that if either does not work as expected, it might shed light on what is going wrong with the other. Although the same technique is used on Cygwin and in Alpine Linux, it looks a little different, because the environment variable on Cygwin is `BASH_ENV` (since script steps are run in `bash`), while the environment variable is `ENV` (since script steps are run in `busybox sh`) and this must also be allowed to pass through `sudo` (since `sh`, which is `busybox sh` on this system, is being invoked through `sudo`). --- .github/workflows/alpine-test.yml | 15 ++++++++------- .github/workflows/cygwin-test.yml | 6 +++--- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/alpine-test.yml b/.github/workflows/alpine-test.yml index 8c00b1086..ca141cf03 100644 --- a/.github/workflows/alpine-test.yml +++ b/.github/workflows/alpine-test.yml @@ -16,8 +16,8 @@ jobs: steps: - name: Prepare Alpine Linux run: | - apk add sudo git git-daemon python3 py3-pip py3-setuptools py3-virtualenv py3-wheel - echo 'Defaults env_keep += "CI GITHUB_* RUNNER_*"' >/etc/sudoers.d/ci_env + apk add sudo git git-daemon python3 py3-pip py3-virtualenv + echo 'Defaults env_keep += "CI ENV GITHUB_* RUNNER_*"' >/etc/sudoers.d/ci_env addgroup -g 127 docker adduser -D -u 1001 runner # TODO: Check if this still works on GHA as intended. adduser runner docker @@ -47,17 +47,19 @@ jobs: - name: Set up virtualenv run: | python -m venv .venv - . .venv/bin/activate - printf '%s=%s\n' 'PATH' "$PATH" 'VIRTUAL_ENV' "$VIRTUAL_ENV" >>"$GITHUB_ENV" + echo 'ENV=.venv/bin/activate' >> "$GITHUB_ENV" # ENV (not BASH_ENV) for BusyBox sh. + + - name: Update PyPA packages + run: | + # Get the latest pip, wheel, and prior to Python 3.12, setuptools. + python -m pip install -U pip $(pip freeze --all | grep -ow ^setuptools) wheel - name: Install project and test dependencies run: | - . .venv/bin/activate pip install ".[test]" - name: Show version and platform information run: | - . .venv/bin/activate uname -a command -v git python git version @@ -66,5 +68,4 @@ jobs: - name: Test with pytest run: | - . .venv/bin/activate pytest --color=yes -p no:sugar --instafail -vv diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index bde4ea659..ebe50240d 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -55,10 +55,10 @@ jobs: # and cause subsequent tests to fail cat test/fixtures/.gitconfig >> ~/.gitconfig - - name: Ensure the "pip" command is available + - name: Set up virtualenv run: | - # This is used unless, and before, an updated pip is installed. - ln -s pip3 /usr/bin/pip + python -m venv .venv + echo 'BASH_ENV=.venv/bin/activate' >>"$GITHUB_ENV" - name: Update PyPA packages run: | From 39cd608b762256663b862224bcb46bdb2fc18817 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 06:28:48 -0500 Subject: [PATCH 07/34] Put back explicit venv activation in Alpine Linux `busybox sh` does not appear to read commands from a file whose path is given as the value of `$ENV`, in this situation. I think I may have misunderstood that; the documentation does not say much about it and maybe, in Almquist-style shells, it is only read by interactive shells? I am not sure. This removes everything about `ENV` and activates the venv in each step where the venv should be used. The good news is that the technique did work fully in Cygwin: not only did `BASH_ENV` work (which was not much in doubt), but using a virtual environment for all steps that run test code on Cygwin fixed the problem and allowed all tests to pass. That seems to have been the reason I didn't reproduce the problem locally: on my local system I always use a venv in Cygwin since I would otherwise not have adequate isolation. Thus, this commit changes only the Alpine workflow and not the Cygwin workflow. --- .github/workflows/alpine-test.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/alpine-test.yml b/.github/workflows/alpine-test.yml index ca141cf03..6dc62f596 100644 --- a/.github/workflows/alpine-test.yml +++ b/.github/workflows/alpine-test.yml @@ -17,7 +17,7 @@ jobs: - name: Prepare Alpine Linux run: | apk add sudo git git-daemon python3 py3-pip py3-virtualenv - echo 'Defaults env_keep += "CI ENV GITHUB_* RUNNER_*"' >/etc/sudoers.d/ci_env + echo 'Defaults env_keep += "CI GITHUB_* RUNNER_*"' >/etc/sudoers.d/ci_env addgroup -g 127 docker adduser -D -u 1001 runner # TODO: Check if this still works on GHA as intended. adduser runner docker @@ -47,19 +47,21 @@ jobs: - name: Set up virtualenv run: | python -m venv .venv - echo 'ENV=.venv/bin/activate' >> "$GITHUB_ENV" # ENV (not BASH_ENV) for BusyBox sh. - name: Update PyPA packages run: | # Get the latest pip, wheel, and prior to Python 3.12, setuptools. + . .venv/bin/activate python -m pip install -U pip $(pip freeze --all | grep -ow ^setuptools) wheel - name: Install project and test dependencies run: | + . .venv/bin/activate pip install ".[test]" - name: Show version and platform information run: | + . .venv/bin/activate uname -a command -v git python git version @@ -68,4 +70,5 @@ jobs: - name: Test with pytest run: | + . .venv/bin/activate pytest --color=yes -p no:sugar --instafail -vv From 8a05390925ef416736ce9c0be8569977ca48fa07 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 07:22:11 -0500 Subject: [PATCH 08/34] Tune CI matrix adjustments so reports are clearer Since #1987, test jobs from `pythonpackage.yml` appear in an unintuitive order, and some show an extra bool matrix variable in their names while others don't (this corresponds to `experimental`, which was always set to some value, but was set in different ways). This fixes that by: - Listing all tested versions, rather than introducing some in an `include` key. (The `include:`-introduced jobs didn't distinguish between originally-present matrix variables and those that are introduced based on the values of the original ones.) - Replacing `os` with `os-type`, which has only the first part of the value for `runs-on:` (e.g., `ubuntu`), and adding `os-ver` to each matrix job, defaulting it to `latest`, but using `22.04` for Python 3.7 on Ubuntu. This should also naturally extend to adding 3.13, with or without setting `continue-on-error` to temporarily work around the problems obseved in #1955, but nothing 3.13-related is done in this commit. --- .github/workflows/pythonpackage.yml | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index b8e6391a1..aff6354f4 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -12,20 +12,21 @@ jobs: build: strategy: matrix: - os: [ubuntu-latest, macos-latest, windows-latest] - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] - include: - - experimental: false - - os: ubuntu-22.04 + os-type: [ubuntu, macos, windows] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"] + exclude: + - os-type: macos python-version: "3.7" - experimental: false - - os: windows-latest + include: + - os-ver: latest + - os-type: ubuntu python-version: "3.7" - experimental: false + os-ver: "22.04" + - experimental: false fail-fast: false - runs-on: ${{ matrix.os }} + runs-on: ${{ matrix.os-type }}-${{ matrix.os-ver }} defaults: run: @@ -43,7 +44,7 @@ jobs: allow-prereleases: ${{ matrix.experimental }} - name: Set up WSL (Windows) - if: startsWith(matrix.os, 'windows') + if: matrix.os-type == 'windows' uses: Vampire/setup-wsl@v4.0.0 with: distribution: Alpine @@ -80,7 +81,7 @@ jobs: # For debugging hook tests on native Windows systems that may have WSL. - name: Show bash.exe candidates (Windows) - if: startsWith(matrix.os, 'windows') + if: matrix.os-type == 'windows' run: | set +e bash.exe -c 'printenv WSL_DISTRO_NAME; uname -a' From 41377d5254d3e4a03a7edd5adc8fd4b5a0767210 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 2 Jan 2025 07:39:19 -0500 Subject: [PATCH 09/34] Change test job keys from `build` to `test` This goes a bit further in the direction of the preceding commit, making CI reports/logs a bit more intuitive. --- .github/workflows/alpine-test.yml | 2 +- .github/workflows/cygwin-test.yml | 2 +- .github/workflows/pythonpackage.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/alpine-test.yml b/.github/workflows/alpine-test.yml index 6dc62f596..bd09a939b 100644 --- a/.github/workflows/alpine-test.yml +++ b/.github/workflows/alpine-test.yml @@ -3,7 +3,7 @@ name: test-alpine on: [push, pull_request, workflow_dispatch] jobs: - build: + test: runs-on: ubuntu-latest container: diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index ebe50240d..575fb26ef 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -3,7 +3,7 @@ name: test-cygwin on: [push, pull_request, workflow_dispatch] jobs: - build: + test: runs-on: windows-latest strategy: diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index aff6354f4..9225624f0 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -9,7 +9,7 @@ permissions: contents: read jobs: - build: + test: strategy: matrix: os-type: [ubuntu, macos, windows] From 73ddb22f5c06fc3f09addf9be176d569d770b469 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sat, 4 Jan 2025 09:55:50 -0500 Subject: [PATCH 10/34] Continue testing Python 3.9 on CI but unpin 3.9.16-1 We pinned Python 3.9.16 on Cygwin CI in #1814 (by requiring 3.9.16-1 as the exact version of the `python39` Cygwin package, along with other supporting changes). We did this to solve a problem where Python 3.9.18-1, which contained a bug that broke GitPython CI (and various other software), would be selected. Version 3.9.18-1 was marked back to being a "test" package shortly after the bug was reported, and was subsequently removed altogether from the Cygwin repositories. Because the affected package version effectively no longer exists, and because this issue is known and a non-"test" version still affected by it is very unlikely to be released in the future, this pinning has been decisively unnecessary for some time, though still not harmful. This commit undoes the pinning, so that the `python39` package can be installed at a higher version if one becomes available. This serves two purposes. - There is work under way in porting Python 3.12 to Cygwin. To test this with GitPython (either while it is in development or later), it will be useful to turn the Cygwin test job into a matrix job definition, generating two jobs, one for Python 3.9 and one for Python 3.12. Since 3.12 will probably not benefit from pinning, dropping pinning simplifies this. - If the port of Python 3.12 to Cygwin is successful, it might lead to a solution to the but that currently keeps 3.9.18 from being made available for Cygwin. In that case, another 3.9.18-* Cygwin package would be released, which we would want to use. Although this is uncertain, the change is a simplification, so I think it is reasonable to do now. Note that the pinning being undone here only affects the distinction between different 3.9.* versions. `python39` and `python312` are different Cygwin packages altogether, with correspondingly different `python39-*` and `python312-*` associated packages; this is not unpinning Python 3.9 in a way that would cause Python 3.12 to be selected instead of it. --- .github/workflows/cygwin-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index 575fb26ef..d42eb0587 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -30,7 +30,7 @@ jobs: - name: Set up Cygwin uses: egor-tensin/setup-cygwin@v4 with: - packages: python39=3.9.16-1 python39-pip python39-virtualenv git + packages: python39 python39-pip python39-virtualenv git - name: Arrange for verbose output run: | From 85d72ef55eb3ba64f5db6016198724ec45769961 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sun, 5 Jan 2025 02:38:34 -0500 Subject: [PATCH 11/34] Test Python 3.13 on Ubuntu and macOS on CI But not Windows yet (#1955). --- .github/workflows/pythonpackage.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 9225624f0..245844972 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -13,10 +13,12 @@ jobs: strategy: matrix: os-type: [ubuntu, macos, windows] - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] exclude: - os-type: macos - python-version: "3.7" + python-version: "3.7" # Not available for the ARM-based macOS runners. + - os-type: windows + python-version: "3.13" # FIXME: Fix and enable Python 3.13 on Windows (#1955). include: - os-ver: latest - os-type: ubuntu From b20de09016ce221943a7bc4c7b67be5bacad9a15 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sun, 5 Jan 2025 03:24:28 -0500 Subject: [PATCH 12/34] Affirm that gitdb and smmap advisories can also be created This expands `SECURITY.md` to affirm the claims in the new `SECURITY.md` files in gitdb and smmap that vulnerabilities found in them can be reported in the GitPython repository with the same link as one would use to report a GitPython vulnerability, as well as to note how the distinction between affected package can be specified when it is known at the time a vulnerability is reported. Along with https://github.com/gitpython-developers/smmap/pull/59 and https://github.com/gitpython-developers/gitdb/pull/117, this fixes https://github.com/gitpython-developers/gitdb/issues/116. --- SECURITY.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index d39425b70..3f7d9f27e 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -11,4 +11,6 @@ Only the latest version of GitPython can receive security updates. If a vulnerab ## Reporting a Vulnerability -Please report private portions of a vulnerability to . Doing so helps to receive updates and collaborate on the matter, without disclosing it publicliy right away. +Please report private portions of a vulnerability to . Doing so helps to receive updates and collaborate on the matter, without disclosing it publicly right away. + +Vulnerabilities in GitPython's dependencies [gitdb](https://github.com/gitpython-developers/gitdb/blob/main/SECURITY.md) or [smmap](https://github.com/gitpython-developers/smmap/blob/main/SECURITY.md), which primarily exist to support GitPython, can be reported here as well, at that same link. The affected package (`GitPython`, `gitdb`, or `smmap`) can be included in the report, if known. From 55f36e64d79e0e8acc8f8763af5e7b18a3b214f6 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sun, 5 Jan 2025 11:51:31 -0500 Subject: [PATCH 13/34] Fix links to gitdb and smmap `SECURITY.md` files The links in #1991 did not work, as I got the branch names wrong. --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 3f7d9f27e..0aea34845 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -13,4 +13,4 @@ Only the latest version of GitPython can receive security updates. If a vulnerab Please report private portions of a vulnerability to . Doing so helps to receive updates and collaborate on the matter, without disclosing it publicly right away. -Vulnerabilities in GitPython's dependencies [gitdb](https://github.com/gitpython-developers/gitdb/blob/main/SECURITY.md) or [smmap](https://github.com/gitpython-developers/smmap/blob/main/SECURITY.md), which primarily exist to support GitPython, can be reported here as well, at that same link. The affected package (`GitPython`, `gitdb`, or `smmap`) can be included in the report, if known. +Vulnerabilities in GitPython's dependencies [gitdb](https://github.com/gitpython-developers/gitdb/blob/master/SECURITY.md) or [smmap](https://github.com/gitpython-developers/smmap/blob/master/SECURITY.md), which primarily exist to support GitPython, can be reported here as well, at that same link. The affected package (`GitPython`, `gitdb`, or `smmap`) can be included in the report, if known. From 80096b95e119e90c9324f5ba898705fda4581c84 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 13:38:24 +0000 Subject: [PATCH 14/34] Bump Vampire/setup-wsl from 4.0.0 to 4.1.0 Bumps [Vampire/setup-wsl](https://github.com/vampire/setup-wsl) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/vampire/setup-wsl/releases) - [Commits](https://github.com/vampire/setup-wsl/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: Vampire/setup-wsl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/pythonpackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 245844972..68b4fd8f9 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -47,7 +47,7 @@ jobs: - name: Set up WSL (Windows) if: matrix.os-type == 'windows' - uses: Vampire/setup-wsl@v4.0.0 + uses: Vampire/setup-wsl@v4.1.0 with: distribution: Alpine additional-packages: bash From fb102cfc5a86155d2c8b8f10cf5957f3f5d9e435 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 13:45:04 +0000 Subject: [PATCH 15/34] Bump git/ext/gitdb from `775cfe8` to `9e68ea1` Bumps [git/ext/gitdb](https://github.com/gitpython-developers/gitdb) from `775cfe8` to `9e68ea1`. - [Release notes](https://github.com/gitpython-developers/gitdb/releases) - [Commits](https://github.com/gitpython-developers/gitdb/compare/775cfe8299ea5474f605935469359a9d1cdb49dc...9e68ea1687bbda84776c3605b96bb0b43e846bea) --- updated-dependencies: - dependency-name: git/ext/gitdb dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- git/ext/gitdb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git/ext/gitdb b/git/ext/gitdb index 775cfe829..9e68ea168 160000 --- a/git/ext/gitdb +++ b/git/ext/gitdb @@ -1 +1 @@ -Subproject commit 775cfe8299ea5474f605935469359a9d1cdb49dc +Subproject commit 9e68ea1687bbda84776c3605b96bb0b43e846bea From e4f1aa71dd255583ff19c1bd40410e94da8e15af Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Thu, 9 Jan 2025 17:57:51 +0100 Subject: [PATCH 16/34] Repo.rev_parse: Handle ^{commit} correctly This should resolve to commit object. Fixes: #1995 Signed-off-by: Frank Lichtenheld --- git/repo/fun.py | 8 +++++++- test/test_repo.py | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/git/repo/fun.py b/git/repo/fun.py index 182cf82ed..125ba5936 100644 --- a/git/repo/fun.py +++ b/git/repo/fun.py @@ -301,7 +301,13 @@ def rev_parse(repo: "Repo", rev: str) -> AnyGitObject: # Handle type. if output_type == "commit": - pass # Default. + obj = cast("TagObject", obj) + if obj and obj.type == "tag": + obj = deref_tag(obj) + else: + # Cannot do anything for non-tags. + pass + # END handle tag elif output_type == "tree": try: obj = cast(AnyGitObject, obj) diff --git a/test/test_repo.py b/test/test_repo.py index e38da5bb6..bfa1bbb78 100644 --- a/test/test_repo.py +++ b/test/test_repo.py @@ -1064,9 +1064,9 @@ def test_rev_parse(self): # TODO: Dereference tag into a blob 0.1.7^{blob} - quite a special one. # Needs a tag which points to a blob. - # ref^0 returns commit being pointed to, same with ref~0, and ^{} + # ref^0 returns commit being pointed to, same with ref~0, ^{}, and ^{commit} tag = rev_parse("0.1.4") - for token in ("~0", "^0", "^{}"): + for token in ("~0", "^0", "^{}", "^{commit}"): self.assertEqual(tag.object, rev_parse("0.1.4%s" % token)) # END handle multiple tokens From 7751d0b98920f9fc74b2f109e92cb0abf3a98b15 Mon Sep 17 00:00:00 2001 From: David Lakin Date: Fri, 10 Jan 2025 13:52:56 -0500 Subject: [PATCH 17/34] Fuzzing: Fix broken test for Git submodule handling Ensured submodule names, paths, and commit messages are sanitized to avoid invalid states that are expected to cause exceptions and should not halt the fuzzer. In particular, the changes here: - Sanitized inputs for submodule names, paths, and commit messages. - Added validation for submodule SHA and path integrity. --- fuzzing/fuzz-targets/fuzz_submodule.py | 59 ++++++++++++++++++-------- 1 file changed, 42 insertions(+), 17 deletions(-) diff --git a/fuzzing/fuzz-targets/fuzz_submodule.py b/fuzzing/fuzz-targets/fuzz_submodule.py index d22b0aa5b..afa653d0d 100644 --- a/fuzzing/fuzz-targets/fuzz_submodule.py +++ b/fuzzing/fuzz-targets/fuzz_submodule.py @@ -9,11 +9,17 @@ get_max_filename_length, ) -# Setup the git environment +# Setup the Git environment setup_git_environment() from git import Repo, GitCommandError, InvalidGitRepositoryError +def sanitize_input(input_str, max_length=255): + """Sanitize and truncate inputs to avoid invalid Git operations.""" + sanitized = "".join(ch for ch in input_str if ch.isalnum() or ch in ("-", "_", ".")) + return sanitized[:max_length] + + def TestOneInput(data): fdp = atheris.FuzzedDataProvider(data) @@ -24,12 +30,23 @@ def TestOneInput(data): try: with tempfile.TemporaryDirectory() as submodule_temp_dir: sub_repo = Repo.init(submodule_temp_dir, bare=fdp.ConsumeBool()) - sub_repo.index.commit(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(1, 512))) + commit_message = sanitize_input(fdp.ConsumeUnicodeNoSurrogates(fdp.ConsumeIntInRange(1, 512))) + sub_repo.index.commit(commit_message) - submodule_name = fdp.ConsumeUnicodeNoSurrogates( - fdp.ConsumeIntInRange(1, max(1, get_max_filename_length(repo.working_tree_dir))) + submodule_name = sanitize_input( + fdp.ConsumeUnicodeNoSurrogates( + fdp.ConsumeIntInRange(1, get_max_filename_length(repo.working_tree_dir)) + ) ) - submodule_path = os.path.join(repo.working_tree_dir, submodule_name) + + submodule_path = os.path.relpath( + os.path.join(repo.working_tree_dir, submodule_name), + start=repo.working_tree_dir, + ) + + # Ensure submodule_path is valid + if not submodule_name or submodule_name.startswith("/") or ".." in submodule_name: + return -1 # Reject invalid input so they are not added to the corpus submodule = repo.create_submodule(submodule_name, submodule_path, url=sub_repo.git_dir) repo.index.commit("Added submodule") @@ -39,25 +56,38 @@ def TestOneInput(data): value_length = fdp.ConsumeIntInRange(1, max(1, fdp.remaining_bytes())) writer.set_value( - fdp.ConsumeUnicodeNoSurrogates(key_length), fdp.ConsumeUnicodeNoSurrogates(value_length) + sanitize_input(fdp.ConsumeUnicodeNoSurrogates(key_length)), + sanitize_input(fdp.ConsumeUnicodeNoSurrogates(value_length)), ) writer.release() - submodule.update(init=fdp.ConsumeBool(), dry_run=fdp.ConsumeBool(), force=fdp.ConsumeBool()) + submodule.update( + init=fdp.ConsumeBool(), + dry_run=fdp.ConsumeBool(), + force=fdp.ConsumeBool(), + ) + submodule_repo = submodule.module() - new_file_name = fdp.ConsumeUnicodeNoSurrogates( - fdp.ConsumeIntInRange(1, max(1, get_max_filename_length(submodule_repo.working_tree_dir))) + new_file_name = sanitize_input( + fdp.ConsumeUnicodeNoSurrogates( + fdp.ConsumeIntInRange(1, get_max_filename_length(submodule_repo.working_tree_dir)) + ) ) new_file_path = os.path.join(submodule_repo.working_tree_dir, new_file_name) with open(new_file_path, "wb") as new_file: new_file.write(fdp.ConsumeBytes(fdp.ConsumeIntInRange(1, 512))) + submodule_repo.index.add([new_file_path]) submodule_repo.index.commit("Added new file to submodule") repo.submodule_update(recursive=fdp.ConsumeBool()) - submodule_repo.head.reset(commit="HEAD~1", working_tree=fdp.ConsumeBool(), head=fdp.ConsumeBool()) - # Use fdp.PickValueInList to ensure at least one of 'module' or 'configuration' is True + submodule_repo.head.reset( + commit="HEAD~1", + working_tree=fdp.ConsumeBool(), + head=fdp.ConsumeBool(), + ) + module_option_value, configuration_option_value = fdp.PickValueInList( [(True, False), (False, True), (True, True)] ) @@ -82,12 +112,7 @@ def TestOneInput(data): ): return -1 except Exception as e: - if isinstance(e, ValueError) and "embedded null byte" in str(e): - return -1 - elif isinstance(e, OSError) and "File name too long" in str(e): - return -1 - else: - return handle_exception(e) + return handle_exception(e) def main(): From 5c547f33063d811f445c82de19b0d2f6aad0e995 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Jan 2025 13:17:13 +0000 Subject: [PATCH 18/34] Bump git/ext/gitdb from `9e68ea1` to `f36c0cc` Bumps [git/ext/gitdb](https://github.com/gitpython-developers/gitdb) from `9e68ea1` to `f36c0cc`. - [Release notes](https://github.com/gitpython-developers/gitdb/releases) - [Commits](https://github.com/gitpython-developers/gitdb/compare/9e68ea1687bbda84776c3605b96bb0b43e846bea...f36c0cc42ea2f529291e441073f74e920988d4d2) --- updated-dependencies: - dependency-name: git/ext/gitdb dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- git/ext/gitdb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git/ext/gitdb b/git/ext/gitdb index 9e68ea168..f36c0cc42 160000 --- a/git/ext/gitdb +++ b/git/ext/gitdb @@ -1 +1 @@ -Subproject commit 9e68ea1687bbda84776c3605b96bb0b43e846bea +Subproject commit f36c0cc42ea2f529291e441073f74e920988d4d2 From 9e22a4a5811157e59a61778285d79b686bbec9ad Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:17:30 -0500 Subject: [PATCH 19/34] Run `python3.9` explicitly on Cygwin CI In case somehow another one leaked in. --- .github/workflows/cygwin-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index d42eb0587..0a66a9b46 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -57,7 +57,7 @@ jobs: - name: Set up virtualenv run: | - python -m venv .venv + python3.9 -m venv .venv echo 'BASH_ENV=.venv/bin/activate' >>"$GITHUB_ENV" - name: Update PyPA packages From f401b1020f4177b217d679d71a41df28754bef6f Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:19:56 -0500 Subject: [PATCH 20/34] Switch back to cygwin/cygwin-install-action Since we don't need pinning, and this avoids installing and using the chocolatey package manager, which we're not using for anything else. --- .github/workflows/cygwin-test.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index 0a66a9b46..fbf9b8307 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -15,7 +15,7 @@ jobs: defaults: run: - shell: C:\tools\cygwin\bin\bash.exe --login --norc -eo pipefail -o igncr "{0}" + shell: C:\cygwin\bin\bash.exe --login --norc -eo pipefail -o igncr "{0}" steps: - name: Force LF line endings @@ -27,10 +27,11 @@ jobs: with: fetch-depth: 0 - - name: Set up Cygwin - uses: egor-tensin/setup-cygwin@v4 + - name: Install Cygwin + uses: cygwin/cygwin-install-action@v5 with: packages: python39 python39-pip python39-virtualenv git + add-to-path: false # No need to change $PATH outside the Cygwin environment. - name: Arrange for verbose output run: | From 4605dd690b6ebe4c0c07f3910607aae407d6070e Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:30:50 -0500 Subject: [PATCH 21/34] Install pip in venv in separate step --- .github/workflows/cygwin-test.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index fbf9b8307..a2e7f6b2d 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -58,9 +58,13 @@ jobs: - name: Set up virtualenv run: | - python3.9 -m venv .venv + python3.9 -m venv --without-pip .venv echo 'BASH_ENV=.venv/bin/activate' >>"$GITHUB_ENV" + - name: Install pip in virtualenv + run: | + python -m ensurepip + - name: Update PyPA packages run: | # Get the latest pip, wheel, and prior to Python 3.12, setuptools. From a5fee410ec8d40264d7a53cc5c4fd9deb0c97dd5 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:40:26 -0500 Subject: [PATCH 22/34] Install Cygwin package for wheel --- .github/workflows/cygwin-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index a2e7f6b2d..d4aee4544 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -30,7 +30,7 @@ jobs: - name: Install Cygwin uses: cygwin/cygwin-install-action@v5 with: - packages: python39 python39-pip python39-virtualenv git + packages: python39 python39-pip python39-virtualenv python39-wheel git add-to-path: false # No need to change $PATH outside the Cygwin environment. - name: Arrange for verbose output From a2b73cac7c252f3c35169dd8a752614614571d10 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:45:30 -0500 Subject: [PATCH 23/34] Use the pip bootstrap script instead --- .github/workflows/cygwin-test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index d4aee4544..585c419aa 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -30,7 +30,7 @@ jobs: - name: Install Cygwin uses: cygwin/cygwin-install-action@v5 with: - packages: python39 python39-pip python39-virtualenv python39-wheel git + packages: python39 python39-pip python39-virtualenv git add-to-path: false # No need to change $PATH outside the Cygwin environment. - name: Arrange for verbose output @@ -61,9 +61,9 @@ jobs: python3.9 -m venv --without-pip .venv echo 'BASH_ENV=.venv/bin/activate' >>"$GITHUB_ENV" - - name: Install pip in virtualenv + - name: Bootstrap pip in virtualenv run: | - python -m ensurepip + wget -qO- https://bootstrap.pypa.io/get-pip.py | python - name: Update PyPA packages run: | From d597fc949c48726b34c2130424a044020960e5f2 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Fri, 21 Feb 2025 05:51:25 -0500 Subject: [PATCH 24/34] Install wget for Cygwin job to use to get pip bootstrap script --- .github/workflows/cygwin-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cygwin-test.yml b/.github/workflows/cygwin-test.yml index 585c419aa..278777907 100644 --- a/.github/workflows/cygwin-test.yml +++ b/.github/workflows/cygwin-test.yml @@ -30,7 +30,7 @@ jobs: - name: Install Cygwin uses: cygwin/cygwin-install-action@v5 with: - packages: python39 python39-pip python39-virtualenv git + packages: python39 python39-pip python39-virtualenv git wget add-to-path: false # No need to change $PATH outside the Cygwin environment. - name: Arrange for verbose output From 1277baa811e5500cf4aaae1569137fe1e6b4c3cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Feb 2025 14:53:19 +0000 Subject: [PATCH 25/34] Bump Vampire/setup-wsl from 4.1.0 to 4.1.1 Bumps [Vampire/setup-wsl](https://github.com/vampire/setup-wsl) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/vampire/setup-wsl/releases) - [Commits](https://github.com/vampire/setup-wsl/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: Vampire/setup-wsl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/pythonpackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 68b4fd8f9..4850f252c 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -47,7 +47,7 @@ jobs: - name: Set up WSL (Windows) if: matrix.os-type == 'windows' - uses: Vampire/setup-wsl@v4.1.0 + uses: Vampire/setup-wsl@v4.1.1 with: distribution: Alpine additional-packages: bash From 2ae697d02182d62ed1c17df370d7aa3a2b67cbce Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Wed, 5 Mar 2025 23:00:42 -0500 Subject: [PATCH 26/34] Mark `test_installation` xfail on Cygwin CI Together with #2007, this works around #2004, allowing all tests to pass on Cygwin CI. In #2007, installation of the environment in which tests run was fixed by downloading and running the `get-pip.py` bootstrap script. If we were to modify our helper that sets up the (separate) virtual environment in `test_installation` so that it does the same thing (or conditionally does so on CI, since the problem does not seem to happen in local installations), that would likely "fix" this more thoroughly, allowing the test to pass. But part of the goal of the installation test is to test that installation works in a typical environment on the platform it runs on. So it is not obivous that making it pass in that way would be an improvement compared to marking it `xfail` with the exception type that occurs due to #2004. So this just does that, for now. --- test/test_installation.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/test_installation.py b/test/test_installation.py index ae6472e98..a35826bd0 100644 --- a/test/test_installation.py +++ b/test/test_installation.py @@ -4,11 +4,19 @@ import ast import os import subprocess +import sys + +import pytest from test.lib import TestBase, VirtualEnvironment, with_rw_directory class TestInstallation(TestBase): + @pytest.mark.xfail( + sys.platform == "cygwin" and "CI" in os.environ, + reason="Trouble with pip on Cygwin CI, see issue #2004", + raises=subprocess.CalledProcessError, + ) @with_rw_directory def test_installation(self, rw_dir): venv = self._set_up_venv(rw_dir) From 54e1c1bfd14fc055fb8f7324154fd0658ac0d16f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 Mar 2025 11:55:36 +0000 Subject: [PATCH 27/34] Bump Vampire/setup-wsl from 4.1.1 to 5.0.0 Bumps [Vampire/setup-wsl](https://github.com/vampire/setup-wsl) from 4.1.1 to 5.0.0. - [Release notes](https://github.com/vampire/setup-wsl/releases) - [Commits](https://github.com/vampire/setup-wsl/compare/v4.1.1...v5.0.0) --- updated-dependencies: - dependency-name: Vampire/setup-wsl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pythonpackage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 4850f252c..039699af5 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -47,7 +47,7 @@ jobs: - name: Set up WSL (Windows) if: matrix.os-type == 'windows' - uses: Vampire/setup-wsl@v4.1.1 + uses: Vampire/setup-wsl@v5.0.0 with: distribution: Alpine additional-packages: bash From a41a0de46d2fdbb34207161bb0c180bd72958c8b Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 6 Mar 2025 19:06:46 -0500 Subject: [PATCH 28/34] Use WSL1 on CI This avoids an occasional HTTP 403 error updating WSL for WSL2. For details on that issue and possible approaches, see: https://github.com/gitpython-developers/GitPython/pull/2008#pullrequestreview-2665805369 --- .github/workflows/pythonpackage.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 039699af5..1a0210723 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -49,6 +49,7 @@ jobs: if: matrix.os-type == 'windows' uses: Vampire/setup-wsl@v5.0.0 with: + wsl-version: 1 distribution: Alpine additional-packages: bash From c13d998c03ec5268b5b6c361fe0c65854041b684 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 6 Mar 2025 19:45:41 -0500 Subject: [PATCH 29/34] Test on free-threaded Python See #2005. Right now, this does not limit by operating system, but that is just to verify that there are no OS-specific 3.13t problems we should know about right now; once that is verified, the macOS and Windows jobs will be removed (excluded) for the time being. The 3.13t jobs added here use `Quansight-Labs/setup-python`, not `actions/setup-python`. The latter also has the ability to use 3.13t since https://github.com/actions/python-versions/pull/319 and https://github.com/actions/setup-python/pull/973 (see also https://github.com/actions/setup-python/issues/771), but no version tag includes this feature yet. It can be used by using `@main` or `@...` where `...` is an OID. The former would risk pulling in other untested features we're no trying to test with, while the latter would not be easy to upgrade automatically as what we have now (we would be deliberately keeping a hash not at any tag that is already not the latest hash on any branch). In contrast, the `Quansight-Labs/setup-python` fork adds this feature while staying up to date with others. When `actions/setup-python` has a release (stable or prerelease) with this feature, we can switch to it. This could probably be done with less code duplication by using a matrix variable for the action to use. Instead, the "Set up Python" step is split in two, with opposite `if` conditions, so that each is capable of being recognized and upgraded by Dependabot if a new major version is released (in case this ends up remaining in place longer than expected). --- .github/workflows/pythonpackage.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 039699af5..b24c5cc57 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -13,7 +13,7 @@ jobs: strategy: matrix: os-type: [ubuntu, macos, windows] - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "3.13t"] exclude: - os-type: macos python-version: "3.7" # Not available for the ARM-based macOS runners. @@ -40,11 +40,20 @@ jobs: fetch-depth: 0 - name: Set up Python ${{ matrix.python-version }} + if: |- + !endsWith(matrix.python-version, 't') uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} allow-prereleases: ${{ matrix.experimental }} + - name: Set up Python ${{ matrix.python-version }} (free-threaded) + if: endsWith(matrix.python-version, 't') + uses: Quansight-Labs/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} + allow-prereleases: ${{ matrix.experimental }} + - name: Set up WSL (Windows) if: matrix.os-type == 'windows' uses: Vampire/setup-wsl@v5.0.0 From 56038c3e0382d87ccdb66d53964f038314c157fd Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Thu, 6 Mar 2025 22:39:23 -0500 Subject: [PATCH 30/34] Only test free-threaded Python on Linux For now, this omits macOS and Windows from the 3.13t ("threaded") tests. The plan in #2005 is to start without them, and no OS-specific problems have been identified so far. In particular, in the previous commit that adds 3.13t without excluding any operating systems, all tests in the macOS job passed as expected, and the Windows job had the same failure with the same message as in #1955, with no XFAIL changed to XPASS (which, if present, would suggest GC differences meriting further exploration of 3.13t on Windows). --- .github/workflows/pythonpackage.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index b24c5cc57..661df0693 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -17,8 +17,12 @@ jobs: exclude: - os-type: macos python-version: "3.7" # Not available for the ARM-based macOS runners. + - os-type: macos + python-version: "3.13t" - os-type: windows python-version: "3.13" # FIXME: Fix and enable Python 3.13 on Windows (#1955). + - os-type: windows + python-version: "3.13t" include: - os-ver: latest - os-type: ubuntu From 11f7fafada8348c8e8f699c7ab621be6d26b00a5 Mon Sep 17 00:00:00 2001 From: Kamil Kozik Date: Fri, 7 Mar 2025 18:39:06 +0100 Subject: [PATCH 31/34] `IndexFile._to_relative_path` - fix case where absolute path gets stripped of trailing slash --- git/index/base.py | 5 ++++- test/test_index.py | 22 ++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/git/index/base.py b/git/index/base.py index 39cc9143c..65b1f9308 100644 --- a/git/index/base.py +++ b/git/index/base.py @@ -655,7 +655,10 @@ def _to_relative_path(self, path: PathLike) -> PathLike: raise InvalidGitRepositoryError("require non-bare repository") if not osp.normpath(str(path)).startswith(str(self.repo.working_tree_dir)): raise ValueError("Absolute path %r is not in git repository at %r" % (path, self.repo.working_tree_dir)) - return os.path.relpath(path, self.repo.working_tree_dir) + result = os.path.relpath(path, self.repo.working_tree_dir) + if str(path).endswith(os.sep) and not result.endswith(os.sep): + result += os.sep + return result def _preprocess_add_items( self, items: Union[PathLike, Sequence[Union[PathLike, Blob, BaseIndexEntry, "Submodule"]]] diff --git a/test/test_index.py b/test/test_index.py index c586a0b5a..c42032e70 100644 --- a/test/test_index.py +++ b/test/test_index.py @@ -16,6 +16,7 @@ import subprocess import sys import tempfile +from unittest import mock from gitdb.base import IStream @@ -1015,6 +1016,27 @@ class Mocked: rel = index._to_relative_path(path) self.assertEqual(rel, os.path.relpath(path, root)) + def test__to_relative_path_absolute_trailing_slash(self): + repo_root = os.path.join(osp.abspath(os.sep), "directory1", "repo_root") + + class Mocked: + bare = False + git_dir = repo_root + working_tree_dir = repo_root + + repo = Mocked() + path = os.path.join(repo_root, f"directory2{os.sep}") + index = IndexFile(repo) + + expected_path = f"directory2{os.sep}" + actual_path = index._to_relative_path(path) + self.assertEqual(expected_path, actual_path) + + with mock.patch("git.index.base.os.path") as ospath_mock: + ospath_mock.relpath.return_value = f"directory2{os.sep}" + actual_path = index._to_relative_path(path) + self.assertEqual(expected_path, actual_path) + @pytest.mark.xfail( type(_win_bash_status) is WinBashStatus.Absent, reason="Can't run a hook on Windows without bash.exe.", From 94151aa2ca9f16491a0cf2344b4daa8bf7b41d70 Mon Sep 17 00:00:00 2001 From: Andrej730 Date: Wed, 19 Mar 2025 13:17:46 +0500 Subject: [PATCH 32/34] Use property decorator to support typing --- git/refs/symbolic.py | 41 ++++++++++++++++++++++++----------------- git/repo/base.py | 40 +++++++++++++++++++++------------------- 2 files changed, 45 insertions(+), 36 deletions(-) diff --git a/git/refs/symbolic.py b/git/refs/symbolic.py index 510850b2e..1b90a3115 100644 --- a/git/refs/symbolic.py +++ b/git/refs/symbolic.py @@ -39,7 +39,6 @@ if TYPE_CHECKING: from git.config import GitConfigParser from git.objects.commit import Actor - from git.refs import Head, TagReference, RemoteReference, Reference from git.refs.log import RefLogEntry from git.repo import Repo @@ -387,17 +386,23 @@ def set_object( # set the commit on our reference return self._get_reference().set_object(object, logmsg) - commit = property( - _get_commit, - set_commit, # type: ignore[arg-type] - doc="Query or set commits directly", - ) + @property + def commit(self) -> "Commit": + """Query or set commits directly""" + return self._get_commit() + + @commit.setter + def commit(self, commit: Union[Commit, "SymbolicReference", str]) -> "SymbolicReference": + return self.set_commit(commit) + + @property + def object(self) -> AnyGitObject: + """Return the object our ref currently refers to""" + return self._get_object() - object = property( - _get_object, - set_object, # type: ignore[arg-type] - doc="Return the object our ref currently refers to", - ) + @object.setter + def object(self, object: Union[AnyGitObject, "SymbolicReference", str]) -> "SymbolicReference": + return self.set_object(object) def _get_reference(self) -> "SymbolicReference": """ @@ -496,12 +501,14 @@ def set_reference( return self # Aliased reference - reference: Union["Head", "TagReference", "RemoteReference", "Reference"] - reference = property( # type: ignore[assignment] - _get_reference, - set_reference, # type: ignore[arg-type] - doc="Returns the Reference we point to", - ) + @property + def reference(self) -> "SymbolicReference": + return self._get_reference() + + @reference.setter + def reference(self, ref: Union[AnyGitObject, "SymbolicReference", str]) -> "SymbolicReference": + return self.set_reference(ref) + ref = reference def is_valid(self) -> bool: diff --git a/git/repo/base.py b/git/repo/base.py index db89cdf41..cbf54f222 100644 --- a/git/repo/base.py +++ b/git/repo/base.py @@ -354,21 +354,19 @@ def __ne__(self, rhs: object) -> bool: def __hash__(self) -> int: return hash(self.git_dir) - # Description property - def _get_description(self) -> str: + @property + def description(self) -> str: + """The project's description""" filename = osp.join(self.git_dir, "description") with open(filename, "rb") as fp: return fp.read().rstrip().decode(defenc) - def _set_description(self, descr: str) -> None: + @description.setter + def description(self, descr: str) -> None: filename = osp.join(self.git_dir, "description") with open(filename, "wb") as fp: fp.write((descr + "\n").encode(defenc)) - description = property(_get_description, _set_description, doc="the project's description") - del _get_description - del _set_description - @property def working_tree_dir(self) -> Optional[PathLike]: """ @@ -885,13 +883,14 @@ def _set_daemon_export(self, value: object) -> None: elif not value and fileexists: os.unlink(filename) - daemon_export = property( - _get_daemon_export, - _set_daemon_export, - doc="If True, git-daemon may export this repository", - ) - del _get_daemon_export - del _set_daemon_export + @property + def daemon_export(self) -> bool: + """If True, git-daemon may export this repository""" + return self._get_daemon_export() + + @daemon_export.setter + def daemon_export(self, value: object) -> None: + self._set_daemon_export(value) def _get_alternates(self) -> List[str]: """The list of alternates for this repo from which objects can be retrieved. @@ -929,11 +928,14 @@ def _set_alternates(self, alts: List[str]) -> None: with open(alternates_path, "wb") as f: f.write("\n".join(alts).encode(defenc)) - alternates = property( - _get_alternates, - _set_alternates, - doc="Retrieve a list of alternates paths or set a list paths to be used as alternates", - ) + @property + def alternates(self) -> List[str]: + """Retrieve a list of alternates paths or set a list paths to be used as alternates""" + return self._get_alternates() + + @alternates.setter + def alternates(self, alts: List[str]) -> None: + self._set_alternates(alts) def is_dirty( self, From 3d979a6c307b2a03f08d4bdbc7fb3716d8c17c94 Mon Sep 17 00:00:00 2001 From: Yuki Kobayashi Date: Tue, 18 Mar 2025 08:22:04 +0000 Subject: [PATCH 33/34] Fix some incorrect sphinx markups in the docstrings Fixed some markups so [the api reference](https://gitpython.readthedocs.io/en/stable/reference.html) is rendered correctly. --- git/index/base.py | 10 +++++----- git/objects/base.py | 4 ++-- git/objects/commit.py | 4 ++-- git/repo/base.py | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/git/index/base.py b/git/index/base.py index 65b1f9308..a95762dca 100644 --- a/git/index/base.py +++ b/git/index/base.py @@ -508,7 +508,7 @@ def iter_blobs( :param predicate: Function(t) returning ``True`` if tuple(stage, Blob) should be yielded by - the iterator. A default filter, the `~git.index.typ.BlobFilter`, allows you + the iterator. A default filter, the :class:`~git.index.typ.BlobFilter`, allows you to yield blobs only if they match a given list of paths. """ for entry in self.entries.values(): @@ -770,7 +770,7 @@ def add( - path string Strings denote a relative or absolute path into the repository pointing - to an existing file, e.g., ``CHANGES``, `lib/myfile.ext``, + to an existing file, e.g., ``CHANGES``, ``lib/myfile.ext``, ``/home/gitrepo/lib/myfile.ext``. Absolute paths must start with working tree directory of this index's @@ -789,7 +789,7 @@ def add( They are added at stage 0. - - :class:~`git.objects.blob.Blob` or + - :class:`~git.objects.blob.Blob` or :class:`~git.objects.submodule.base.Submodule` object Blobs are added as they are assuming a valid mode is set. @@ -815,7 +815,7 @@ def add( - :class:`~git.index.typ.BaseIndexEntry` or type - Handling equals the one of :class:~`git.objects.blob.Blob` objects, but + Handling equals the one of :class:`~git.objects.blob.Blob` objects, but the stage may be explicitly set. Please note that Index Entries require binary sha's. @@ -998,7 +998,7 @@ def remove( The path string may include globs, such as ``*.c``. - - :class:~`git.objects.blob.Blob` object + - :class:`~git.objects.blob.Blob` object Only the path portion is used in this case. diff --git a/git/objects/base.py b/git/objects/base.py index eeaebc09b..faf600c6b 100644 --- a/git/objects/base.py +++ b/git/objects/base.py @@ -122,7 +122,7 @@ def new(cls, repo: "Repo", id: Union[str, "Reference"]) -> AnyGitObject: :return: New :class:`Object` instance of a type appropriate to the object type behind `id`. The id of the newly created object will be a binsha even though the - input id may have been a `~git.refs.reference.Reference` or rev-spec. + input id may have been a :class:`~git.refs.reference.Reference` or rev-spec. :param id: :class:`~git.refs.reference.Reference`, rev-spec, or hexsha. @@ -218,7 +218,7 @@ class IndexObject(Object): """Base for all objects that can be part of the index file. The classes representing git object types that can be part of the index file are - :class:`~git.objects.tree.Tree and :class:`~git.objects.blob.Blob`. In addition, + :class:`~git.objects.tree.Tree` and :class:`~git.objects.blob.Blob`. In addition, :class:`~git.objects.submodule.base.Submodule`, which is not really a git object type but can be part of an index file, is also a subclass. """ diff --git a/git/objects/commit.py b/git/objects/commit.py index 0ceb46609..fbe0ee9c0 100644 --- a/git/objects/commit.py +++ b/git/objects/commit.py @@ -289,7 +289,7 @@ def name_rev(self) -> str: """ :return: String describing the commits hex sha based on the closest - `~git.refs.reference.Reference`. + :class:`~git.refs.reference.Reference`. :note: Mostly useful for UI purposes. @@ -349,7 +349,7 @@ def iter_items( return cls._iter_from_process_or_stream(repo, proc) def iter_parents(self, paths: Union[PathLike, Sequence[PathLike]] = "", **kwargs: Any) -> Iterator["Commit"]: - R"""Iterate _all_ parents of this commit. + R"""Iterate *all* parents of this commit. :param paths: Optional path or list of paths limiting the :class:`Commit`\s to those that diff --git a/git/repo/base.py b/git/repo/base.py index cbf54f222..7e918df8c 100644 --- a/git/repo/base.py +++ b/git/repo/base.py @@ -512,7 +512,7 @@ def create_submodule(self, *args: Any, **kwargs: Any) -> Submodule: def iter_submodules(self, *args: Any, **kwargs: Any) -> Iterator[Submodule]: """An iterator yielding Submodule instances. - See the `~git.objects.util.Traversable` interface for a description of `args` + See the :class:`~git.objects.util.Traversable` interface for a description of `args` and `kwargs`. :return: From 1abb399b90994f61b81c1aa4be608a85b07b73c7 Mon Sep 17 00:00:00 2001 From: Nathan Goldbaum Date: Tue, 25 Mar 2025 09:20:48 -0600 Subject: [PATCH 34/34] replace quansight-labs/setup-python with actions/setup-python --- .github/workflows/pythonpackage.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 5bedb6107..61088237d 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -44,20 +44,11 @@ jobs: fetch-depth: 0 - name: Set up Python ${{ matrix.python-version }} - if: |- - !endsWith(matrix.python-version, 't') uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} allow-prereleases: ${{ matrix.experimental }} - - name: Set up Python ${{ matrix.python-version }} (free-threaded) - if: endsWith(matrix.python-version, 't') - uses: Quansight-Labs/setup-python@v5 - with: - python-version: ${{ matrix.python-version }} - allow-prereleases: ${{ matrix.experimental }} - - name: Set up WSL (Windows) if: matrix.os-type == 'windows' uses: Vampire/setup-wsl@v5.0.0