From 83e961ad61475faa7163d722f844f8d9da5cfbde Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
Date: Mon, 27 Sep 2021 18:48:27 +0200
Subject: [PATCH 1/4] update to 2.33.0

contrib/hooks/multimail is no longer distributed with git

The multimail hook was removed from the git contrib tree.  From the
upstream commit f74d11471f (multimail: stop shipping a copy,
2021-06-10):

The multimail project is developed independently and has its own project
page. Traditionally, we shipped a copy in contrib/.
However, such a copy is prone to become stale, and users are much better
served to be directed to the actual project instead.
---
 git.spec | 27 +++++++++------------------
 sources  |  4 ++--
 2 files changed, 11 insertions(+), 20 deletions(-)

diff --git a/git.spec b/git.spec
index 3be65ef..02300e7 100644
--- a/git.spec
+++ b/git.spec
@@ -79,8 +79,8 @@
 #global rcrev   .rc0
 
 Name:           git
-Version:        2.32.0
-Release:        1%{?rcrev}%{?dist}.1
+Version:        2.33.0
+Release:        1%{?rcrev}%{?dist}
 Summary:        Fast Version Control System
 License:        GPLv2
 URL:            https://git-scm.com/
@@ -588,25 +588,17 @@ export SOURCE_DATE_EPOCH=$(date -r version +%%s 2>/dev/null)
 # Fix shebang in a few places to silence rpmlint complaints
 %if %{with python2}
 sed -i -e '1s@#! */usr/bin/env python$@#!%{__python2}@' \
-    contrib/fast-import/import-zips.py \
-    contrib/hooks/multimail/git_multimail.py \
-    contrib/hooks/multimail/migrate-mailhook-config \
-    contrib/hooks/multimail/post-receive.example
+    contrib/fast-import/import-zips.py
 %else
 # Remove contrib/fast-import/import-zips.py which requires python2.
 rm -rf contrib/fast-import/import-zips.py
 %endif
 # endif with python2
 
-# The multimail hook is installed with git.  Use python3 to avoid an
-# unnecessary python2 dependency, if possible.  Also fix contrib/hg-to-git
-# while here.
+# Use python3 to avoid an unnecessary python2 dependency, if possible.
 %if %{with python3}
 sed -i -e '1s@#!\( */usr/bin/env python\|%{__python2}\)$@#!%{__python3}@' \
-    contrib/hg-to-git/hg-to-git.py \
-    contrib/hooks/multimail/git_multimail.py \
-    contrib/hooks/multimail/migrate-mailhook-config \
-    contrib/hooks/multimail/post-receive.example
+    contrib/hg-to-git/hg-to-git.py
 %endif
 # endif with python3
 
@@ -705,9 +697,6 @@ mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion
 install -pm 644 contrib/completion/git-completion.tcsh \
     %{buildroot}%{_datadir}/git-core/contrib/completion/
 
-# Drop .py extension from git_multimail to avoid byte-compiling
-mv contrib/hooks/multimail/git_multimail{.py,}
-
 # Move contrib/hooks out of %%docdir
 mkdir -p %{buildroot}%{_datadir}/git-core/contrib
 mv contrib/hooks %{buildroot}%{_datadir}/git-core/contrib
@@ -869,7 +858,6 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %endif
 # endif with emacs
 %{_datadir}/git-core/contrib/diff-highlight
-%{_datadir}/git-core/contrib/hooks/multimail
 %{_datadir}/git-core/contrib/hooks/update-paranoid
 %{_datadir}/git-core/contrib/hooks/setgitperms.perl
 %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample
@@ -886,7 +874,6 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %license COPYING
 # exclude is best way here because of troubles with symlinks inside git-core/
 %exclude %{_datadir}/git-core/contrib/diff-highlight
-%exclude %{_datadir}/git-core/contrib/hooks/multimail
 %exclude %{_datadir}/git-core/contrib/hooks/update-paranoid
 %exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl
 %exclude %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample
@@ -997,6 +984,10 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %{?with_docs:%{_pkgdocdir}/git-svn.html}
 
 %changelog
+* Mon Sep 27 2021 Ondřej Pohořelský <opohorel@redhat.com> - 2.33.0-1
+- update to 2.33.0
+- contrib/hooks/multimail is no longer distributed with git
+
 * Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.32.0-1.1
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 
diff --git a/sources b/sources
index 56ef012..9d2e906 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.32.0.tar.xz) = 1ab3e7022ccee411d14a7da5c37d6259ef5c0f85ebed8f49698e25c65cbc7a46f8096919fcb6568360bfe284dd7475b596eee1a167db966096255a405853837c
-SHA512 (git-2.32.0.tar.sign) = 0f21129c6993a2b1742152829a33064205fb148bd3e26fd3a5f996c31ff920c9f0f22e259d2159eef24b75ac3a592c3152277e5046506e1aabc765bc25f583b9
+SHA512 (git-2.33.0.tar.xz) = 1abbcdf9ff640c95934b6a78341baa76ac3a5838c4751f513f334fdf5a3760c730e309f05ad16ffec115896e3e0c750c116683f6a787d92757ee9d916a346bfd
+SHA512 (git-2.33.0.tar.sign) = 5d6788588a1cb87874ac09d4b0a30b0280d00872617aff2dbae3d1f25eda35095d00b0451c03f262da6c991c46c228f4dcdf02456805b497ffd8ba5bddd942fe

From f4cb043825e4a2bec74cad4eaf1d6500f83943af Mon Sep 17 00:00:00 2001
From: Todd Zullinger <tmz@pobox.com>
Date: Tue, 12 Oct 2021 20:42:06 -0400
Subject: [PATCH 2/4] update to 2.33.1

Release notes:
https://github.com/git/git/raw/v2.33.1/Documentation/RelNotes/2.33.1.txt
---
 0001-doc-add-bundle-format-to-TECH_DOCS.patch | 28 +++++++++++++++++++
 git.spec                                      |  9 +++++-
 sources                                       |  4 +--
 3 files changed, 38 insertions(+), 3 deletions(-)
 create mode 100644 0001-doc-add-bundle-format-to-TECH_DOCS.patch

diff --git a/0001-doc-add-bundle-format-to-TECH_DOCS.patch b/0001-doc-add-bundle-format-to-TECH_DOCS.patch
new file mode 100644
index 0000000..6f03eb1
--- /dev/null
+++ b/0001-doc-add-bundle-format-to-TECH_DOCS.patch
@@ -0,0 +1,28 @@
+From c221f23ebe2defeb31cfcab6387f8985b5c863bb Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Tue, 12 Oct 2021 21:00:55 -0400
+Subject: [PATCH] doc: add bundle-format to TECH_DOCS
+
+A link to the bundle-format was added in 5c8273d57c (bundle doc: rewrite
+the "DESCRIPTION" section, 2021-07-31).
+
+Ensure `technical/bundle-format.html` is created to avoid a broken link
+in `git-bundle.html`.
+
+Signed-off-by: Todd Zullinger <tmz@pobox.com>
+---
+ Documentation/Makefile | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Documentation/Makefile b/Documentation/Makefile
+index f5605b7767..2021568cd5 100644
+--- a/Documentation/Makefile
++++ b/Documentation/Makefile
+@@ -90,6 +90,7 @@ SP_ARTICLES += $(API_DOCS)
+ TECH_DOCS += MyFirstContribution
+ TECH_DOCS += MyFirstObjectWalk
+ TECH_DOCS += SubmittingPatches
++TECH_DOCS += technical/bundle-format
+ TECH_DOCS += technical/hash-function-transition
+ TECH_DOCS += technical/http-protocol
+ TECH_DOCS += technical/index-format
diff --git a/git.spec b/git.spec
index 02300e7..495ef1b 100644
--- a/git.spec
+++ b/git.spec
@@ -79,7 +79,7 @@
 #global rcrev   .rc0
 
 Name:           git
-Version:        2.33.0
+Version:        2.33.1
 Release:        1%{?rcrev}%{?dist}
 Summary:        Fast Version Control System
 License:        GPLv2
@@ -112,6 +112,10 @@ Source99:       print-failed-test-output
 # https://bugzilla.redhat.com/490602
 Patch0:         git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
 
+# fix the broken link in git-bundle.html
+# https://lore.kernel.org/git/20211013032852.959985-1-tmz@pobox.com/
+Patch1:         0001-doc-add-bundle-format-to-TECH_DOCS.patch
+
 %if %{with docs}
 # pod2man is needed to build Git.3pm
 BuildRequires:  %{_bindir}/pod2man
@@ -984,6 +988,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %{?with_docs:%{_pkgdocdir}/git-svn.html}
 
 %changelog
+* Wed Oct 13 2021 Todd Zullinger <tmz@pobox.com> - 2.33.1-1
+- update to 2.33.1
+
 * Mon Sep 27 2021 Ondřej Pohořelský <opohorel@redhat.com> - 2.33.0-1
 - update to 2.33.0
 - contrib/hooks/multimail is no longer distributed with git
diff --git a/sources b/sources
index 9d2e906..3340d14 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.33.0.tar.xz) = 1abbcdf9ff640c95934b6a78341baa76ac3a5838c4751f513f334fdf5a3760c730e309f05ad16ffec115896e3e0c750c116683f6a787d92757ee9d916a346bfd
-SHA512 (git-2.33.0.tar.sign) = 5d6788588a1cb87874ac09d4b0a30b0280d00872617aff2dbae3d1f25eda35095d00b0451c03f262da6c991c46c228f4dcdf02456805b497ffd8ba5bddd942fe
+SHA512 (git-2.33.1.tar.xz) = 16d417183232e1057bea754d59cdf4bbacc5f1527d1de6ee04cdd293a2512bfa7208e20f6130816605528b59cb1bc3188c5bddf1a42c1413095ee74e44dd2f91
+SHA512 (git-2.33.1.tar.sign) = b1a8d3b4ebbf5db43eb1234446b903d62637999390e59f94b9793bf8c8c302ff6d7b74f48cdfe3b4a304f767641ccba96479ddf5a19c6e6d4861da1e568e9760

From 09bdf41b741ecb47fd16829996306810492a3812 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
Date: Thu, 11 Nov 2021 16:19:59 +0100
Subject: [PATCH 3/4] add Perl requires to git-email

Resolves: rhbz#2020487

In git version 2.33.0, git-send-email.perl has optimized modules
loading[1]. This resulted in perl.req not detecting requires properly,
because it doesn't detect requires that are not at the start of new line.
This commit adds explicit Requires into the spec file.

[1]https://github.com/git/git/commit/f4dc9432fd287bde9100488943baf3c6a04d90d1
---
 git.spec | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/git.spec b/git.spec
index 495ef1b..530f674 100644
--- a/git.spec
+++ b/git.spec
@@ -80,7 +80,7 @@
 
 Name:           git
 Version:        2.33.1
-Release:        1%{?rcrev}%{?dist}
+Release:        2%{?rcrev}%{?dist}
 Summary:        Fast Version Control System
 License:        GPLv2
 URL:            https://git-scm.com/
@@ -389,6 +389,16 @@ BuildArch:      noarch
 Requires:       git = %{version}-%{release}
 Requires:       perl(Authen::SASL)
 Requires:       perl(Net::SMTP::SSL)
+Requires:       perl(Cwd)
+Requires:       perl(File::Spec::Functions)
+Requires:       perl(File::Temp)
+Requires:       perl(Mail::Address)
+Requires:       perl(Net::Domain)
+Requires:       perl(Net::SMTP)
+Requires:       perl(POSIX)
+Requires:       perl(Term::ANSIColor)
+Requires:       perl(Term::ReadLine)
+Requires:       perl(Text::ParseWords)
 %description email
 %{summary}.
 
@@ -988,6 +998,10 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %{?with_docs:%{_pkgdocdir}/git-svn.html}
 
 %changelog
+* Thu Nov 11 2021 Ondřej Pohořelský <opohorel@redhat.com> - 2.33.1-2
+- add Perl requires to git-email
+- Resolves: rhbz#2020487
+
 * Wed Oct 13 2021 Todd Zullinger <tmz@pobox.com> - 2.33.1-1
 - update to 2.33.1
 

From d4f20c985f6aebd8bf7fe14d9f02c8dfffc7bd8c Mon Sep 17 00:00:00 2001
From: Todd Zullinger <tmz@pobox.com>
Date: Mon, 18 Apr 2022 14:50:44 -0400
Subject: [PATCH 4/4] update to 2.35.3 (#2073414, CVE-2022-24765)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Per the upstream release notes from 2.30.3¹:

    This release addresses the security issue CVE-2022-24765.

     * CVE-2022-24765:
       On multi-user machines, Git users might find themselves
       unexpectedly in a Git worktree, e.g. when another user created a
       repository in `C:\.git`, in a mounted network drive or in a
       scratch space. Merely having a Git-aware prompt that runs `git
       status` (or `git diff`) and navigating to a directory which is
       supposedly not a Git worktree, or opening such a directory in an
       editor or IDE such as VS Code or Atom, will potentially run
       commands defined by that other user.

and 2.30.4²:

    This release contains minor fix-ups for the changes that went into
    Git 2.30.3, which was made to address CVE-2022-24765.

     * The code that was meant to parse the new `safe.directory`
       configuration variable was not checking what configuration
       variable was being fed to it, which has been corrected.

     * '*' can be used as the value for the `safe.directory` variable to
       signal that the user considers that any directory is safe.

¹ https://github.com/git/git/raw/v2.30.3/Documentation/RelNotes/2.30.3.txt
² https://github.com/git/git/raw/v2.30.4/Documentation/RelNotes/2.30.4.txt
---
 git.spec | 5 ++++-
 sources  | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/git.spec b/git.spec
index b8ea26b..58e9160 100644
--- a/git.spec
+++ b/git.spec
@@ -83,7 +83,7 @@
 #global rcrev   .rc0
 
 Name:           git
-Version:        2.35.1
+Version:        2.35.3
 Release:        1%{?rcrev}%{?dist}
 Summary:        Fast Version Control System
 License:        GPLv2
@@ -1018,6 +1018,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %{?with_docs:%{_pkgdocdir}/git-svn.html}
 
 %changelog
+* Mon Apr 18 2022 Todd Zullinger <tmz@pobox.com> - 2.35.3-1
+- update to 2.35.3 (#2073414, CVE-2022-24765)
+
 * Sat Jan 29 2022 Todd Zullinger <tmz@pobox.com> - 2.35.1-1
 - update to 2.35.1
 
diff --git a/sources b/sources
index 4095968..92d5b62 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (git-2.35.1.tar.xz) = 926c6813ef61931e1a1c43dfd7b15e20dc5878c1752876bd08f039249c9ed09f20f096b2f01947de9c9522c942e9fa8c1363d7d31a488bbe3f93c0cff31fcbcb
-SHA512 (git-2.35.1.tar.sign) = 27adbb0628a18ae13ce76c2812c2f2a8a9da002105ca1f550a864ae769a27efa697ab7cbd8582e69be99d8731fe2f53895321c3a71990ffbcfe1e7f2064fd9b7
+SHA512 (git-2.35.3.tar.xz) = c92f8663988c57702bb5ee542ac8f36e8a43d377d16106ee462ce0b0a575b9d51baaafc654bf1821fbea2fe476ffd64d7fb87084c7de4dd8065b01d5083492c5
+SHA512 (git-2.35.3.tar.sign) = 5a4d300eb30af4cf8723110a25189b3d252f3e816ee9446aec0629fad21cb53ff95e3e6a00259d81589e7bae015b0209098391a44a52290b4f5f926b8fcd1852