Fix git clone memory exhaustion (CVE-2017-15298)

Cherry-pick upstream patch from a937b37e76 (revision: quit pruning diff
more quickly when possible, 2017-10-13)¹.

Resolves: #1510455, #1510457

¹ a937b37e76

.mailmap

@@ -1,18 +0,0 @@
-<atkac@redhat.com> <atkac@fedoraproject.org>
-<atkac@redhat.com> <vonsch@gmail.com>
-<bernie@codewiz.org> <bernie@fedoraproject.org>
-<Christian.Iseli@licr.org> <c4chris@fedoraproject.org>
-<dennis@ausil.us> <ausil@fedoraproject.org>
-<dwmw2@infradead.org> <David.Woodhouse@intel.com>
-James Bowes <jbowes@redhat.com> <jbowes@fedoraproject.org>
-<jkeating@redhat.com> <jkeating@fedoraproject.org>
-Josh Boyer <jwboyer@gmail.com> <jwboyer@fedoraproject.org>
-<katzj@redhat.com> <katzj@fedoraproject.org>
-<lkundrak@redhat.com> <lkundrak@fedoraproject.org>
-<mmaslano@redhat.com> <mmaslano@fedoraproject.org>
-<releng@fedoraproject.org> <rel-eng@lists.fedoraproject.org>
-<skasal@redhat.com> <kasal@fedoraproject.org>
-<tmraz@redhat.com> <tmraz@fedoraproject.org>
-<tmz@pobox.com> <tmz@fedoraproject.org>
-<ville.skytta@iki.fi> <scop@fedoraproject.org>
-<xavier@bachelot.org> <xavierb@fedoraproject.org>

0001-Add-test-for-ls-tree-with-broken-symlink-under-refs-.patch

@@ -0,0 +1,33 @@
+From 45eb1ba86022558d71a9946ccbe173ba5d8f1e37 Mon Sep 17 00:00:00 2001
+From: Petr Stodulka <pstodulk@redhat.com>
+Date: Thu, 13 Oct 2016 13:23:47 +0200
+Subject: [PATCH 1/2] Add test for ls-tree with broken symlink under refs/heads
+
+git ls-tree goes into an infinite loop while serving pretty vanilla requests,
+if the refs/heads/ directory contains a symlink that's broken. Added test
+which check if git ends with expected exit code or timeout expires.
+---
+ t/t3103-ls-tree-misc.sh | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/t/t3103-ls-tree-misc.sh b/t/t3103-ls-tree-misc.sh
+index 09dcf04..faf79c4 100755
+--- a/t/t3103-ls-tree-misc.sh
++++ b/t/t3103-ls-tree-misc.sh
+@@ -21,4 +21,13 @@ test_expect_success 'ls-tree fails with non-zero exit code on broken tree' '
+ 	test_must_fail git ls-tree -r HEAD
+ '
+ 
++test_expect_success 'ls-tree fails due to broken symlink instead of infinite loop' '
++	mkdir foo_infinit &&
++	cd foo_infinit &&
++	git init testrepo &&
++	cd testrepo &&
++	mkdir -p .git/refs/remotes &&
++	ln -s ../remotes/foo .git/refs/heads/bar &&
++	test_expect_code 128 timeout 2 git ls-tree bar
++'
+ test_done
+-- 
+2.5.5
+

0001-blame-fix-segfault-on-untracked-files.patch

@@ -0,0 +1,63 @@
+From bc6b13a7d2300e982dd3a3aeef2f3ad4d39cf149 Mon Sep 17 00:00:00 2001
+From: Thomas Gummerer <t.gummerer@gmail.com>
+Date: Sat, 27 Aug 2016 21:01:50 +0100
+Subject: [PATCH] blame: fix segfault on untracked files
+
+Since 3b75ee9 ("blame: allow to blame paths freshly added to the index",
+2016-07-16) git blame also looks at the index to determine if there is a
+file that was freshly added to the index.
+
+cache_name_pos returns -pos - 1 in case there is no match is found, or
+if the name matches, but the entry has a stage other than 0.  As git
+blame should work for unmerged files, it uses strcmp to determine
+whether the name of the returned position matches, in which case the
+file exists, but is merely unmerged, or if the file actually doesn't
+exist in the index.
+
+If the repository is empty, or if the file would lexicographically be
+sorted as the last file in the repository, -cache_name_pos - 1 is
+outside of the length of the active_cache array, causing git blame to
+segfault.  Guard against that, and die() normally to restore the old
+behaviour.
+
+Reported-by: Simon Ruderich <simon@ruderich.org>
+Signed-off-by: Thomas Gummerer <t.gummerer@gmail.com>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+---
+ builtin/blame.c  | 3 ++-
+ t/t8002-blame.sh | 5 +++++
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/builtin/blame.c b/builtin/blame.c
+index 12c765acfe..4d52f9602e 100644
+--- a/builtin/blame.c
++++ b/builtin/blame.c
+@@ -2245,7 +2245,8 @@ static void verify_working_tree_path(struct commit *work_tree, const char *path)
+ 	pos = cache_name_pos(path, strlen(path));
+ 	if (pos >= 0)
+ 		; /* path is in the index */
+-	else if (!strcmp(active_cache[-1 - pos]->name, path))
++	else if (-1 - pos < active_nr &&
++		 !strcmp(active_cache[-1 - pos]->name, path))
+ 		; /* path is in the index, unmerged */
+ 	else
+ 		die("no such path '%s' in HEAD", path);
+diff --git a/t/t8002-blame.sh b/t/t8002-blame.sh
+index ff09aced68..ab79de9544 100755
+--- a/t/t8002-blame.sh
++++ b/t/t8002-blame.sh
+@@ -6,6 +6,11 @@ test_description='git blame'
+ PROG='git blame -c'
+ . "$TEST_DIRECTORY"/annotate-tests.sh
+ 
++test_expect_success 'blame untracked file in empty repo' '
++	>untracked &&
++	test_must_fail git blame untracked
++'
++
+ PROG='git blame -c -e'
+ test_expect_success 'blame --show-email' '
+ 	check_count \
+-- 
+2.11.0
+

0001-revision-quit-pruning-diff-more-quickly-when-possibl.patch

@@ -0,0 +1,129 @@
+From 0523d90a901e5cb6116e725f02c7f80a444405b6 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Fri, 13 Oct 2017 11:27:45 -0400
+Subject: [PATCH] revision: quit pruning diff more quickly when possible
+
+When the revision traversal machinery is given a pathspec,
+we must compute the parent-diff for each commit to determine
+which ones are TREESAME. We set the QUICK diff flag to avoid
+looking at more entries than we need; we really just care
+whether there are any changes at all.
+
+But there is one case where we want to know a bit more: if
+--remove-empty is set, we care about finding cases where the
+change consists only of added entries (in which case we may
+prune the parent in try_to_simplify_commit()). To cover that
+case, our file_add_remove() callback does not quit the diff
+upon seeing an added entry; it keeps looking for other types
+of entries.
+
+But this means when --remove-empty is not set (and it is not
+by default), we compute more of the diff than is necessary.
+You can see this in a pathological case where a commit adds
+a very large number of entries, and we limit based on a
+broad pathspec. E.g.:
+
+  perl -e '
+    chomp(my $blob = `git hash-object -w --stdin </dev/null`);
+    for my $a (1..1000) {
+      for my $b (1..1000) {
+        print "100644 $blob\t$a/$b\n";
+      }
+    }
+  ' | git update-index --index-info
+  git commit -qm add
+
+  git rev-list HEAD -- .
+
+This case takes about 100ms now, but after this patch only
+needs 6ms. That's not a huge improvement, but it's easy to
+get and it protects us against even more pathological cases
+(e.g., going from 1 million to 10 million files would take
+ten times as long with the current code, but not increase at
+all after this patch).
+
+This is reported to minorly speed-up pathspec limiting in
+real world repositories (like the 100-million-file Windows
+repository), but probably won't make a noticeable difference
+outside of pathological setups.
+
+This patch actually covers the case without --remove-empty,
+and the case where we see only deletions. See the in-code
+comment for details.
+
+Note that we have to add a new member to the diff_options
+struct so that our callback can see the value of
+revs->remove_empty_trees. This callback parameter could be
+passed to the "add_remove" and "change" callbacks, but
+there's not much point. They already receive the
+diff_options struct, and doing it this way avoids having to
+update the function signature of the other callbacks
+(arguably the format_callback and output_prefix functions
+could benefit from the same simplification).
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit a937b37e766479c8e780b17cce9c4b252fd97e40)
+---
+ diff.h     |  1 +
+ revision.c | 16 +++++++++++++---
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/diff.h b/diff.h
+index 125447be09..e37d93ec0a 100644
+--- a/diff.h
++++ b/diff.h
+@@ -171,6 +171,7 @@ struct diff_options {
+ 	pathchange_fn_t pathchange;
+ 	change_fn_t change;
+ 	add_remove_fn_t add_remove;
++	void *change_fn_data;
+ 	diff_format_fn_t format_callback;
+ 	void *format_callback_data;
+ 	diff_prefix_fn_t output_prefix;
+diff --git a/revision.c b/revision.c
+index fe0f3a4f41..361ae5eb16 100644
+--- a/revision.c
++++ b/revision.c
+@@ -394,8 +394,16 @@ static struct commit *one_relevant_parent(const struct rev_info *revs,
+  * if the whole diff is removal of old data, and otherwise
+  * REV_TREE_DIFFERENT (of course if the trees are the same we
+  * want REV_TREE_SAME).
+- * That means that once we get to REV_TREE_DIFFERENT, we do not
+- * have to look any further.
++ *
++ * The only time we care about the distinction is when
++ * remove_empty_trees is in effect, in which case we care only about
++ * whether the whole change is REV_TREE_NEW, or if there's another type
++ * of change. Which means we can stop the diff early in either of these
++ * cases:
++ *
++ *   1. We're not using remove_empty_trees at all.
++ *
++ *   2. We saw anything except REV_TREE_NEW.
+  */
+ static int tree_difference = REV_TREE_SAME;
+ 
+@@ -406,9 +414,10 @@ static void file_add_remove(struct diff_options *options,
+ 		    const char *fullpath, unsigned dirty_submodule)
+ {
+ 	int diff = addremove == '+' ? REV_TREE_NEW : REV_TREE_OLD;
++	struct rev_info *revs = options->change_fn_data;
+ 
+ 	tree_difference |= diff;
+-	if (tree_difference == REV_TREE_DIFFERENT)
++	if (!revs->remove_empty_trees || tree_difference != REV_TREE_NEW)
+ 		DIFF_OPT_SET(options, HAS_CHANGES);
+ }
+ 
+@@ -1348,6 +1357,7 @@ void init_revisions(struct rev_info *revs, const char *prefix)
+ 	DIFF_OPT_SET(&revs->pruning, QUICK);
+ 	revs->pruning.add_remove = file_add_remove;
+ 	revs->pruning.change = file_change;
++	revs->pruning.change_fn_data = revs;
+ 	revs->sort_order = REV_SORT_IN_GRAPH_ORDER;
+ 	revs->dense = 1;
+ 	revs->prefix = prefix;
+-- 
+2.15.0
+

0001-t-lib-httpd-try-harder-to-find-a-port-for-apache.patch

@@ -1,73 +0,0 @@
-From 89ccbc15948db9ddbf74530e3fd66dd78ae897ae Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz@pobox.com>
-Date: Sun, 21 Aug 2022 13:49:57 -0400
-Subject: [PATCH] t/lib-httpd: try harder to find a port for apache
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-When running multiple builds concurrently, tests which run daemons, like
-apache httpd, sometimes conflict with each other, leading to spurious
-failures:
-
-    ++ /usr/sbin/httpd -d '/tmp/git-t.ck9I/trash directory.t9118-git-svn-funky-branch-names/httpd' \
-       -f /builddir/build/BUILD/git-2.37.2/t/lib-httpd/apache.conf -DDAV -DSVN -c 'Listen 127.0.0.1:9118' \
-       -k start
-    (98)Address already in use: AH00072: make_sock: could not bind to address 127.0.0.1:9118
-    no listening sockets available, shutting down
-    AH00015: Unable to open logs
-    ++ test 1 -ne 0
-
-Try a bit harder to find an open port to use to avoid these intermittent
-failures.  If we fail to start httpd, increment the port number and try
-again.  By default, we make 3 attempts.  This may be overridden by
-setting GIT_TEST_START_HTTPD_TRIES to a different value.
-
-Helped-by: Ondřej Pohořelský <opohorel@redhat.com>
-Signed-off-by: Todd Zullinger <tmz@pobox.com>
----
- t/lib-httpd.sh | 29 ++++++++++++++++++-----------
- 1 file changed, 18 insertions(+), 11 deletions(-)
-
-diff --git a/t/lib-httpd.sh b/t/lib-httpd.sh
-index 2fb1b2ae56..4afdf5a6aa 100644
---- a/t/lib-httpd.sh
-+++ b/t/lib-httpd.sh
-@@ -206,19 +206,26 @@ enable_cgipassauth () {
- }
- 
- start_httpd() {
--	prepare_httpd >&3 2>&4
--
- 	test_atexit stop_httpd
- 
--	"$LIB_HTTPD_PATH" -d "$HTTPD_ROOT_PATH" \
--		-f "$TEST_PATH/apache.conf" $HTTPD_PARA \
--		-c "Listen 127.0.0.1:$LIB_HTTPD_PORT" -k start \
--		>&3 2>&4
--	if test $? -ne 0
--	then
--		cat "$HTTPD_ROOT_PATH"/error.log >&4 2>/dev/null
--		test_skip_or_die GIT_TEST_HTTPD "web server setup failed"
--	fi
-+	i=0
-+	while test $i -lt ${GIT_TEST_START_HTTPD_TRIES:-3}
-+	do
-+		i=$(($i + 1))
-+		prepare_httpd >&3 2>&4
-+		say >&3 "Starting httpd on port $LIB_HTTPD_PORT"
-+		"$LIB_HTTPD_PATH" -d "$HTTPD_ROOT_PATH" \
-+			-f "$TEST_PATH/apache.conf" $HTTPD_PARA \
-+			-c "Listen 127.0.0.1:$LIB_HTTPD_PORT" -k start \
-+			>&3 2>&4
-+		test $? -eq 0 && return
-+		LIB_HTTPD_PORT=$(($LIB_HTTPD_PORT + 1))
-+		export LIB_HTTPD_PORT
-+		# clean up modules symlink, prepare_httpd will re-create it
-+		rm -f "$HTTPD_ROOT_PATH/modules"
-+	done
-+	cat "$HTTPD_ROOT_PATH"/error.log >&4 2>/dev/null
-+	test_skip_or_die GIT_TEST_HTTPD "web server setup failed"
- }
- 
- stop_httpd() {

0002-resolve_ref_unsafe-limit-the-number-of-stat_ref-retr.patch

@@ -0,0 +1,74 @@
+From 5bc590cd3ce202243cd1c3ee22104bcb4f3b6c4e Mon Sep 17 00:00:00 2001
+From: Michael Haggerty <mhagger@alum.mit.edu>
+Date: Wed, 25 Mar 2015 22:33:11 +0100
+Subject: [PATCH 2/2] resolve_ref_unsafe(): limit the number of "stat_ref"
+ retries
+
+If there is a broken symlink where a loose reference file is expected,
+then the attempt to open() it fails with ENOENT. This error is
+misinterpreted to mean that the loose reference file itself has
+disappeared due to a race, causing the lookup to be retried. But in
+this scenario, the retries all suffer from the same problem, causing
+an infinite loop.
+
+So put a limit (of 5) on the number of times that the stat_ref step
+can be retried.
+
+Based-on-patch-by: Petr Stodulka <pstodulk@redhat.com>
+Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
+---
+ refs/files-backend.c | 6 ++++--
+ refs/refs-internal.h | 6 ++++++
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/refs/files-backend.c b/refs/files-backend.c
+index d16feb1..245a0b5 100644
+--- a/refs/files-backend.c
++++ b/refs/files-backend.c
+@@ -1353,6 +1353,7 @@ static int files_read_raw_ref(struct ref_store *ref_store,
+ 	int fd;
+ 	int ret = -1;
+ 	int save_errno;
++	int retries = 0;
+ 
+ 	strbuf_reset(&sb_path);
+ 	strbuf_git_path(&sb_path, "%s", refname);
+@@ -1390,7 +1391,8 @@ static int files_read_raw_ref(struct ref_store *ref_store,
+ 	if (S_ISLNK(st.st_mode)) {
+ 		strbuf_reset(&sb_contents);
+ 		if (strbuf_readlink(&sb_contents, path, 0) < 0) {
+-			if (errno == ENOENT || errno == EINVAL)
++			if ((errno == ENOENT || errno == EINVAL) &&
++				retries++ < MAXRETRIES) 
+ 				/* inconsistent with lstat; retry */
+ 				goto stat_ref;
+ 			else
+@@ -1426,7 +1428,7 @@ static int files_read_raw_ref(struct ref_store *ref_store,
+ 	 */
+ 	fd = open(path, O_RDONLY);
+ 	if (fd < 0) {
+-		if (errno == ENOENT)
++		if (errno == ENOENT && retries++ < MAXRETRIES)
+ 			/* inconsistent with lstat; retry */
+ 			goto stat_ref;
+ 		else
+diff --git a/refs/refs-internal.h b/refs/refs-internal.h
+index 708b260..37e6b99 100644
+--- a/refs/refs-internal.h
++++ b/refs/refs-internal.h
+@@ -255,6 +255,12 @@ int rename_ref_available(const char *old_refname, const char *new_refname);
+ /* We allow "recursive" symbolic refs. Only within reason, though */
+ #define SYMREF_MAXDEPTH 5
+ 
++/* 
++ * We allow only MAXRETRIES tries to jump on stat_ref, because of possible
++ * infinite loop
++ */
++#define MAXRETRIES 5
++
+ /* Include broken references in a do_for_each_ref*() iteration: */
+ #define DO_FOR_EACH_INCLUDE_BROKEN 0x01
+ 
+-- 
+2.5.5
+

0002-t-lib-git-daemon-try-harder-to-find-a-port.patch

@@ -1,88 +0,0 @@
-From e90e1068ddc9cfa3badd23b16a46c57ed6d8308a Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz@pobox.com>
-Date: Fri, 26 Aug 2022 18:28:44 -0400
-Subject: [PATCH] t/lib-git-daemon: try harder to find a port
-
-As with the previous commit, try harder to find an open port to avoid
-intermittent failures on busy/shared build systems.
-
-By default, we make 3 attempts.  This may be overridden by setting
-GIT_TEST_START_GIT_DAEMON_TRIES to a different value.
-
-Signed-off-by: Todd Zullinger <tmz@pobox.com>
----
- t/lib-git-daemon.sh | 60 ++++++++++++++++++++++++++++-----------------
- 1 file changed, 37 insertions(+), 23 deletions(-)
-
-diff --git a/t/lib-git-daemon.sh b/t/lib-git-daemon.sh
-index e62569222b..c3e8dda9ff 100644
---- a/t/lib-git-daemon.sh
-+++ b/t/lib-git-daemon.sh
-@@ -51,30 +51,44 @@ start_git_daemon() {
- 		registered_stop_git_daemon_atexit_handler=AlreadyDone
- 	fi
- 
--	say >&3 "Starting git daemon ..."
--	mkfifo git_daemon_output
--	${LIB_GIT_DAEMON_COMMAND:-git daemon} \
--		--listen=127.0.0.1 --port="$LIB_GIT_DAEMON_PORT" \
--		--reuseaddr --verbose --pid-file="$GIT_DAEMON_PIDFILE" \
--		--base-path="$GIT_DAEMON_DOCUMENT_ROOT_PATH" \
--		"$@" "$GIT_DAEMON_DOCUMENT_ROOT_PATH" \
--		>&3 2>git_daemon_output &
--	GIT_DAEMON_PID=$!
--	{
--		read -r line <&7
--		printf "%s\n" "$line" >&4
--		cat <&7 >&4 &
--	} 7<git_daemon_output &&
-+	i=0
-+	while test $i -lt ${GIT_TEST_START_GIT_DAEMON_TRIES:-3}
-+	do
-+		say >&3 "Starting git daemon on port $LIB_GIT_DAEMON_PORT ..."
-+		mkfifo git_daemon_output
-+		${LIB_GIT_DAEMON_COMMAND:-git daemon} \
-+			--listen=127.0.0.1 --port="$LIB_GIT_DAEMON_PORT" \
-+			--reuseaddr --verbose --pid-file="$GIT_DAEMON_PIDFILE" \
-+			--base-path="$GIT_DAEMON_DOCUMENT_ROOT_PATH" \
-+			"$@" "$GIT_DAEMON_DOCUMENT_ROOT_PATH" \
-+			>&3 2>git_daemon_output &
-+		GIT_DAEMON_PID=$!
-+		{
-+			read -r line <&7
-+			printf "%s\n" "$line" >&4
-+			cat <&7 >&4 &
-+		} 7<git_daemon_output &&
- 
--	# Check expected output
--	if test x"$(expr "$line" : "\[[0-9]*\] \(.*\)")" != x"Ready to rumble"
--	then
--		kill "$GIT_DAEMON_PID"
--		wait "$GIT_DAEMON_PID"
--		unset GIT_DAEMON_PID
--		test_skip_or_die GIT_TEST_GIT_DAEMON \
--			"git daemon failed to start"
--	fi
-+		# Check expected output
-+		output="$(expr "$line" : "\[[0-9]*\] \(.*\)")"
-+		# Return if found
-+		test x"$output" = x"Ready to rumble" && return
-+		# Increment port for retry if not found
-+		LIB_GIT_DAEMON_PORT=$(($LIB_GIT_DAEMON_PORT + 1))
-+		export LIB_GIT_DAEMON_PORT
-+		GIT_DAEMON_HOST_PORT=127.0.0.1:$LIB_GIT_DAEMON_PORT
-+		GIT_DAEMON_URL=git://$GIT_DAEMON_HOST_PORT
-+		# unset GIT_DAEMON_PID; remove the fifo & pid file
-+		GIT_DAEMON_PID=
-+		rm -f git_daemon_output "$GIT_DAEMON_PIDFILE"
-+	done
-+
-+	# Clean up and return failure
-+	kill "$GIT_DAEMON_PID"
-+	wait "$GIT_DAEMON_PID"
-+	unset GIT_DAEMON_PID
-+	test_skip_or_die GIT_TEST_GIT_DAEMON \
-+		"git daemon failed to start"
- }
- 
- stop_git_daemon() {

0003-t-lib-git-svn-try-harder-to-find-a-port.patch

@@ -1,85 +0,0 @@
-From 41423d666fd52eaa6aa2b44a0de1b81d0857ca06 Mon Sep 17 00:00:00 2001
-From: Todd Zullinger <tmz@pobox.com>
-Date: Fri, 26 Aug 2022 18:28:44 -0400
-Subject: [PATCH] t/lib-git-svn: try harder to find a port
-
-As with the previous commits, try harder to find an open port to avoid
-intermittent failures on busy/shared build systems.
-
-By default, we make 3 attempts.  This may be overridden by setting
-GIT_TEST_START_SVNSERVE_TRIES to a different value.
-
-Run svnserve in daemon mode and use 'test_atexit' to stop it.  This is
-cleaner than running in the foreground with --listen-once and having to
-manage the PID ourselves.
-
-Signed-off-by: Todd Zullinger <tmz@pobox.com>
----
- t/lib-git-svn.sh                    | 34 +++++++++++++++++++++++++----
- t/t9113-git-svn-dcommit-new-file.sh |  1 -
- 2 files changed, 30 insertions(+), 5 deletions(-)
-
-diff --git a/t/lib-git-svn.sh b/t/lib-git-svn.sh
-index ea28971e8e..04e660e2ba 100644
---- a/t/lib-git-svn.sh
-+++ b/t/lib-git-svn.sh
-@@ -17,6 +17,7 @@ fi
- GIT_DIR=$PWD/.git
- GIT_SVN_DIR=$GIT_DIR/svn/refs/remotes/git-svn
- SVN_TREE=$GIT_SVN_DIR/svn-tree
-+SVNSERVE_PIDFILE="$PWD"/daemon.pid
- test_set_port SVNSERVE_PORT
- 
- svn >/dev/null 2>&1
-@@ -119,10 +120,35 @@ require_svnserve () {
- }
- 
- start_svnserve () {
--	svnserve --listen-port $SVNSERVE_PORT \
--		 --root "$rawsvnrepo" \
--		 --listen-once \
--		 --listen-host 127.0.0.1 &
-+	test_atexit stop_svnserve
-+
-+	i=0
-+	while test $i -lt ${GIT_TEST_START_SVNSERVE_TRIES:-3}
-+	do
-+		say >&3 "Starting svnserve on port $SVNSERVE_PORT ..."
-+		svnserve --listen-port $SVNSERVE_PORT \
-+			 --root "$rawsvnrepo" \
-+			 --daemon --pid-file="$SVNSERVE_PIDFILE" \
-+			 --listen-host 127.0.0.1
-+		ret=$?
-+		# increment port and retry if unsuccessful
-+		if test $ret -ne 0
-+		then
-+			SVNSERVE_PORT=$(($SVNSERVE_PORT + 1))
-+			export SVNSERVE_PORT
-+		else
-+			break
-+		fi
-+	done
-+}
-+
-+stop_svnserve () {
-+	say >&3 "Stopping svnserve ..."
-+	SVNSERVE_PID="$(cat "$SVNSERVE_PIDFILE")"
-+	if test -n "$SVNSERVE_PID"
-+	then
-+		kill "$SVNSERVE_PID" 2>/dev/null
-+	fi
- }
- 
- prepare_utf8_locale () {
-diff --git a/t/t9113-git-svn-dcommit-new-file.sh b/t/t9113-git-svn-dcommit-new-file.sh
-index e8479cec7a..5925891f5d 100755
---- a/t/t9113-git-svn-dcommit-new-file.sh
-+++ b/t/t9113-git-svn-dcommit-new-file.sh
-@@ -28,7 +28,6 @@ test_expect_success 'create files in new directory with dcommit' "
- 	echo hello > git-new-dir/world &&
- 	git update-index --add git-new-dir/world &&
- 	git commit -m hello &&
--	start_svnserve &&
- 	git svn dcommit
- 	"
- 

git-1.7-el5-emacs-support.patch

@@ -0,0 +1,252 @@
+From 424058e0607b4b3c558d19633090e06e7bd2b851 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Wed, 2 Feb 2011 21:24:44 -0500
+Subject: [PATCH] Restore vc-git.el for basic compatibility on EL-5
+
+This is the vc-git.el from 1.6.4.1, the last version to include it.
+Most uses will be better served by the vc-git.el which is provided by
+emacs >= 22.2, but on EL-5 we don't have the luxury of a modern emacs.
+---
+ contrib/emacs/Makefile  |    2 +-
+ contrib/emacs/vc-git.el |  216 +++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 217 insertions(+), 1 deletions(-)
+ create mode 100644 contrib/emacs/vc-git.el
+
+diff --git a/contrib/emacs/Makefile b/contrib/emacs/Makefile
+index 24d9312..a48540a 100644
+--- a/contrib/emacs/Makefile
++++ b/contrib/emacs/Makefile
+@@ -2,7 +2,7 @@
+ 
+ EMACS = emacs
+ 
+-ELC = git.elc git-blame.elc
++ELC = git.elc vc-git.elc git-blame.elc
+ INSTALL ?= install
+ INSTALL_ELC = $(INSTALL) -m 644
+ prefix ?= $(HOME)
+diff --git a/contrib/emacs/vc-git.el b/contrib/emacs/vc-git.el
+new file mode 100644
+index 0000000..b8f6be5
+--- /dev/null
++++ b/contrib/emacs/vc-git.el
+@@ -0,0 +1,216 @@
++;;; vc-git.el --- VC backend for the git version control system
++
++;; Copyright (C) 2006 Alexandre Julliard
++
++;; This program is free software; you can redistribute it and/or
++;; modify it under the terms of the GNU General Public License as
++;; published by the Free Software Foundation; either version 2 of
++;; the License, or (at your option) any later version.
++;;
++;; This program is distributed in the hope that it will be
++;; useful, but WITHOUT ANY WARRANTY; without even the implied
++;; warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
++;; PURPOSE.  See the GNU General Public License for more details.
++;;
++;; You should have received a copy of the GNU General Public
++;; License along with this program; if not, write to the Free
++;; Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,
++;; MA 02111-1307 USA
++
++;;; Commentary:
++
++;; This file contains a VC backend for the git version control
++;; system.
++;;
++;; To install: put this file on the load-path and add GIT to the list
++;; of supported backends in `vc-handled-backends'; the following line,
++;; placed in your ~/.emacs, will accomplish this:
++;;
++;;     (add-to-list 'vc-handled-backends 'GIT)
++;;
++;; TODO
++;;  - changelog generation
++;;  - working with revisions other than HEAD
++;;
++
++(eval-when-compile (require 'cl))
++
++(defvar git-commits-coding-system 'utf-8
++  "Default coding system for git commits.")
++
++(defun vc-git--run-command-string (file &rest args)
++  "Run a git command on FILE and return its output as string."
++  (let* ((ok t)
++         (str (with-output-to-string
++                (with-current-buffer standard-output
++                  (unless (eq 0 (apply #'call-process "git" nil '(t nil) nil
++                                       (append args (list (file-relative-name file)))))
++                    (setq ok nil))))))
++    (and ok str)))
++
++(defun vc-git--run-command (file &rest args)
++  "Run a git command on FILE, discarding any output."
++  (let ((name (file-relative-name file)))
++    (eq 0 (apply #'call-process "git" nil (get-buffer "*Messages") nil (append args (list name))))))
++
++(defun vc-git-registered (file)
++  "Check whether FILE is registered with git."
++  (with-temp-buffer
++    (let* ((dir (file-name-directory file))
++           (name (file-relative-name file dir)))
++      (and (ignore-errors
++             (when dir (cd dir))
++             (eq 0 (call-process "git" nil '(t nil) nil "ls-files" "-c" "-z" "--" name)))
++           (let ((str (buffer-string)))
++             (and (> (length str) (length name))
++                  (string= (substring str 0 (1+ (length name))) (concat name "\0"))))))))
++
++(defun vc-git-state (file)
++  "git-specific version of `vc-state'."
++  (let ((diff (vc-git--run-command-string file "diff-index" "-z" "HEAD" "--")))
++    (if (and diff (string-match ":[0-7]\\{6\\} [0-7]\\{6\\} [0-9a-f]\\{40\\} [0-9a-f]\\{40\\} [ADMU]\0[^\0]+\0" diff))
++        'edited
++      'up-to-date)))
++
++(defun vc-git-workfile-version (file)
++  "git-specific version of `vc-workfile-version'."
++  (let ((str (with-output-to-string
++               (with-current-buffer standard-output
++                 (call-process "git" nil '(t nil) nil "symbolic-ref" "HEAD")))))
++    (if (string-match "^\\(refs/heads/\\)?\\(.+\\)$" str)
++        (match-string 2 str)
++      str)))
++
++(defun vc-git-symbolic-commit (commit)
++  "Translate COMMIT string into symbolic form.
++Returns nil if not possible."
++  (and commit
++       (with-temp-buffer
++	 (and
++	  (zerop
++	   (call-process "git" nil '(t nil) nil "name-rev"
++			 "--name-only" "--tags"
++			 commit))
++	  (goto-char (point-min))
++	  (= (forward-line 2) 1)
++	  (bolp)
++	  (buffer-substring-no-properties (point-min) (1- (point-max)))))))
++
++(defun vc-git-previous-version (file rev)
++  "git-specific version of `vc-previous-version'."
++  (let ((default-directory (file-name-directory (expand-file-name file)))
++	(file (file-name-nondirectory file)))
++    (vc-git-symbolic-commit
++     (with-temp-buffer
++       (and
++	(zerop
++	 (call-process "git" nil '(t nil) nil "rev-list"
++		       "-2" rev "--" file))
++	(goto-char (point-max))
++	(bolp)
++	(zerop (forward-line -1))
++	(not (bobp))
++	(buffer-substring-no-properties
++	   (point)
++	   (1- (point-max))))))))
++
++(defun vc-git-next-version (file rev)
++  "git-specific version of `vc-next-version'."
++  (let* ((default-directory (file-name-directory
++			     (expand-file-name file)))
++	(file (file-name-nondirectory file))
++	(current-rev
++	 (with-temp-buffer
++	   (and
++	    (zerop
++	     (call-process "git" nil '(t nil) nil "rev-list"
++			   "-1" rev "--" file))
++	    (goto-char (point-max))
++	    (bolp)
++	    (zerop (forward-line -1))
++	    (bobp)
++	    (buffer-substring-no-properties
++	     (point)
++	     (1- (point-max)))))))
++    (and current-rev
++	 (vc-git-symbolic-commit
++	  (with-temp-buffer
++	    (and
++	     (zerop
++	      (call-process "git" nil '(t nil) nil "rev-list"
++			    "HEAD" "--" file))
++	     (goto-char (point-min))
++	     (search-forward current-rev nil t)
++	     (zerop (forward-line -1))
++	     (buffer-substring-no-properties
++	      (point)
++	      (progn (forward-line 1) (1- (point))))))))))
++
++(defun vc-git-revert (file &optional contents-done)
++  "Revert FILE to the version stored in the git repository."
++  (if contents-done
++      (vc-git--run-command file "update-index" "--")
++    (vc-git--run-command file "checkout" "HEAD")))
++
++(defun vc-git-checkout-model (file)
++  'implicit)
++
++(defun vc-git-workfile-unchanged-p (file)
++  (let ((sha1 (vc-git--run-command-string file "hash-object" "--"))
++        (head (vc-git--run-command-string file "ls-tree" "-z" "HEAD" "--")))
++    (and head
++         (string-match "[0-7]\\{6\\} blob \\([0-9a-f]\\{40\\}\\)\t[^\0]+\0" head)
++         (string= (car (split-string sha1 "\n")) (match-string 1 head)))))
++
++(defun vc-git-register (file &optional rev comment)
++  "Register FILE into the git version-control system."
++  (vc-git--run-command file "update-index" "--add" "--"))
++
++(defun vc-git-print-log (file &optional buffer)
++  (let ((name (file-relative-name file))
++        (coding-system-for-read git-commits-coding-system))
++    (vc-do-command buffer 'async "git" name "rev-list" "--pretty" "HEAD" "--")))
++
++(defun vc-git-diff (file &optional rev1 rev2 buffer)
++  (let ((name (file-relative-name file))
++        (buf (or buffer "*vc-diff*")))
++    (if (and rev1 rev2)
++        (vc-do-command buf 0 "git" name "diff-tree" "-p" rev1 rev2 "--")
++      (vc-do-command buf 0 "git" name "diff-index" "-p" (or rev1 "HEAD") "--"))
++    ; git-diff-index doesn't set exit status like diff does
++    (if (vc-git-workfile-unchanged-p file) 0 1)))
++
++(defun vc-git-checkin (file rev comment)
++  (let ((coding-system-for-write git-commits-coding-system))
++    (vc-git--run-command file "commit" "-m" comment "--only" "--")))
++
++(defun vc-git-checkout (file &optional editable rev destfile)
++  (if destfile
++      (let ((fullname (substring
++                       (vc-git--run-command-string file "ls-files" "-z" "--full-name" "--")
++                       0 -1))
++            (coding-system-for-read 'no-conversion)
++            (coding-system-for-write 'no-conversion))
++        (with-temp-file destfile
++          (eq 0 (call-process "git" nil t nil "cat-file" "blob"
++                              (concat (or rev "HEAD") ":" fullname)))))
++    (vc-git--run-command file "checkout" (or rev "HEAD"))))
++
++(defun vc-git-annotate-command (file buf &optional rev)
++  ; FIXME: rev is ignored
++  (let ((name (file-relative-name file)))
++    (call-process "git" nil buf nil "blame" name)))
++
++(defun vc-git-annotate-time ()
++  (and (re-search-forward "[0-9a-f]+ (.* \\([0-9]+\\)-\\([0-9]+\\)-\\([0-9]+\\) \\([0-9]+\\):\\([0-9]+\\):\\([0-9]+\\) \\([-+0-9]+\\) +[0-9]+)" nil t)
++       (vc-annotate-convert-time
++        (apply #'encode-time (mapcar (lambda (match) (string-to-number (match-string match))) '(6 5 4 3 2 1 7))))))
++
++;; Not really useful since we can't do anything with the revision yet
++;;(defun vc-annotate-extract-revision-at-line ()
++;;  (save-excursion
++;;    (move-beginning-of-line 1)
++;;    (and (looking-at "[0-9a-f]+")
++;;         (buffer-substring (match-beginning 0) (match-end 0)))))
++
++(provide 'vc-git)
+-- 
+1.7.3.4
+

git-1.8-gitweb-home-link.patch

@@ -0,0 +1,12 @@
+diff -up git-1.8.4.2/gitweb/gitweb.perl.orig git-1.8.4.2/gitweb/gitweb.perl
+--- git-1.8.4.2/gitweb/gitweb.perl.orig	2013-10-28 14:17:38.000000000 -0400
++++ git-1.8.4.2/gitweb/gitweb.perl	2013-10-29 16:49:07.302747507 -0400
+@@ -83,7 +83,7 @@ our $projectroot = "++GITWEB_PROJECTROOT
+ our $project_maxdepth = "++GITWEB_PROJECT_MAXDEPTH++";
+ 
+ # string of the home link on top of all pages
+-our $home_link_str = "++GITWEB_HOME_LINK_STR++";
++our $home_link_str = $ENV{'SERVER_NAME'} ? "git://" . $ENV{'SERVER_NAME'} : "projects";
+ 
+ # extra breadcrumbs preceding the home link
+ our @extra_breadcrumbs = ();

git-2.52-sanitize-sideband-channel-messages.patch

@@ -1,275 +0,0 @@
-From 65e88e659008e2cbf79cf44975406ff0d569a3a9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
-Date: Thu, 20 Nov 2025 12:24:59 +0100
-Subject: [PATCH] sideband: mask control characters
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The output of `git clone` is a vital component for understanding what
-has happened when things go wrong. However, these logs are partially
-under the control of the remote server (via the "sideband", which
-typically contains what the remote `git pack-objects` process sends to
-`stderr`), and is currently not sanitized by Git.
-
-This makes Git susceptible to ANSI escape sequence injection (see
-CWE-150, https://cwe.mitre.org/data/definitions/150.html), which allows
-attackers to corrupt terminal state, to hide information, and even to
-insert characters into the input buffer (i.e. as if the user had typed
-those characters).
-
-To plug this vulnerability, disallow any control character in the
-sideband, replacing them instead with the common `^<letter/symbol>`
-(e.g. `^[` for `\x1b`, `^A` for `\x01`).
-
-There is likely a need for more fine-grained controls instead of using a
-"heavy hammer" like this, which will be introduced subsequently.
-
-Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
-
-sideband: introduce an "escape hatch" to allow control characters
-
-The preceding commit fixed the vulnerability whereas sideband messages
-(that are under the control of the remote server) could contain ANSI
-escape sequences that would be sent to the terminal verbatim.
-
-However, this fix may not be desirable under all circumstances, e.g.
-when remote servers deliberately add coloring to their messages to
-increase their urgency.
-
-To help with those use cases, give users a way to opt-out of the
-protections: `sideband.allowControlCharacters`.
-
-Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
-
-sideband: do allow ANSI color sequences by default
-
-The preceding two commits introduced special handling of the sideband
-channel to neutralize ANSI escape sequences before sending the payload
-to the terminal, and `sideband.allowControlCharacters` to override that
-behavior.
-
-However, some `pre-receive` hooks that are actively used in practice
-want to color their messages and therefore rely on the fact that Git
-passes them through to the terminal.
-
-In contrast to other ANSI escape sequences, it is highly unlikely that
-coloring sequences can be essential tools in attack vectors that mislead
-Git users e.g. by hiding crucial information.
-
-Therefore we can have both: Continue to allow ANSI coloring sequences to
-be passed to the terminal, and neutralize all other ANSI escape
-sequences.
-
-Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
-
-sideband: default to allowControlCharacters=true
-
-We don't want to change the default Git behaviour, just add the option
-to filter control characters.
-
-Signed-off-by: Ondřej Pohořelský <opohorel@redhat.com>
----
- Documentation/config.adoc           |  2 +
- Documentation/config/sideband.adoc  | 16 ++++++
- sideband.c                          | 78 ++++++++++++++++++++++++++++-
- t/t5409-colorize-remote-messages.sh | 31 ++++++++++++
- 4 files changed, 125 insertions(+), 2 deletions(-)
- create mode 100644 Documentation/config/sideband.adoc
-
-diff --git a/Documentation/config.adoc b/Documentation/config.adoc
-index 62eebe7c54..dcea3c0c15 100644
---- a/Documentation/config.adoc
-+++ b/Documentation/config.adoc
-@@ -523,6 +523,8 @@ include::config/sequencer.adoc[]
- 
- include::config/showbranch.adoc[]
- 
-+include::config/sideband.adoc[]
-+
- include::config/sparse.adoc[]
- 
- include::config/splitindex.adoc[]
-diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc
-new file mode 100644
-index 0000000000..c9ba24a02c
---- /dev/null
-+++ b/Documentation/config/sideband.adoc
-@@ -0,0 +1,16 @@
-+sideband.allowControlCharacters::
-+	By default, control characters that are delivered via the sideband
-+	are NOT masked. Use this config setting to prevent potentially
-+	unwanted ANSI escape sequences from being sent to the terminal:
-++
-+--
-+	color::
-+		Allow ANSI color sequences, line feeds and horizontal tabs,
-+		but mask all other control characters.
-+	false::
-+		Mask all control characters other than line feeds and
-+		horizontal tabs.
-+	true::
-+		Allow all control characters to be sent to the terminal.
-+		This is the default.
-+--
-\ No newline at end of file
-diff --git a/sideband.c b/sideband.c
-index ea7c25211e..88d1b44a7a 100644
---- a/sideband.c
-+++ b/sideband.c
-@@ -26,6 +26,12 @@ static struct keyword_entry keywords[] = {
- 	{ "error",	GIT_COLOR_BOLD_RED },
- };
- 
-+static enum {
-+	ALLOW_NO_CONTROL_CHARACTERS = 0,
-+	ALLOW_ALL_CONTROL_CHARACTERS = 1,
-+	ALLOW_ANSI_COLOR_SEQUENCES = 2
-+} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS;
-+
- /* Returns a color setting (GIT_COLOR_NEVER, etc). */
- static enum git_colorbool use_sideband_colors(void)
- {
-@@ -39,6 +45,25 @@ static enum git_colorbool use_sideband_colors(void)
- 	if (use_sideband_colors_cached != GIT_COLOR_UNKNOWN)
- 		return use_sideband_colors_cached;
- 
-+	switch (repo_config_get_maybe_bool(the_repository, "sideband.allowcontrolcharacters", &i)) {
-+	case 0: /* Boolean value */
-+		allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS :
-+			ALLOW_NO_CONTROL_CHARACTERS;
-+		break;
-+	case -1: /* non-Boolean value */
-+		if (repo_config_get_string_tmp(the_repository, "sideband.allowcontrolcharacters",
-+					      &value))
-+			; /* huh? `get_maybe_bool()` returned -1 */
-+		else if (!strcmp(value, "color"))
-+			allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES;
-+		else
-+			warning(_("unrecognized value for `sideband."
-+				  "allowControlCharacters`: '%s'"), value);
-+		break;
-+	default:
-+		break; /* not configured */
-+	}
-+
- 	if (!repo_config_get_string_tmp(the_repository, key, &value))
- 		use_sideband_colors_cached = git_config_colorbool(key, value);
- 	else if (!repo_config_get_string_tmp(the_repository, "color.ui", &value))
-@@ -66,6 +91,55 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref
- 		list_config_item(list, prefix, keywords[i].keyword);
- }
- 
-+static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n)
-+{
-+	int i;
-+
-+	/*
-+	 * Valid ANSI color sequences are of the form
-+	 *
-+	 * ESC [ [<n> [; <n>]*] m
-+	 */
-+
-+	if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES ||
-+	    n < 3 || src[0] != '\x1b' || src[1] != '[')
-+		return 0;
-+
-+	for (i = 2; i < n; i++) {
-+		if (src[i] == 'm') {
-+			strbuf_add(dest, src, i + 1);
-+			return i;
-+		}
-+		if (!isdigit(src[i]) && src[i] != ';')
-+			break;
-+	}
-+
-+	return 0;
-+}
-+
-+static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n)
-+{
-+	int i;
-+
-+	if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) {
-+		strbuf_add(dest, src, n);
-+		return;
-+	}
-+
-+	strbuf_grow(dest, n);
-+	for (; n && *src; src++, n--) {
-+		if (!iscntrl(*src) || *src == '\t' || *src == '\n')
-+			strbuf_addch(dest, *src);
-+		else if ((i = handle_ansi_color_sequence(dest, src, n))) {
-+			src += i;
-+			n -= i;
-+		} else {
-+			strbuf_addch(dest, '^');
-+			strbuf_addch(dest, 0x40 + *src);
-+		}
-+	}
-+}
-+
- /*
-  * Optionally highlight one keyword in remote output if it appears at the start
-  * of the line. This should be called for a single line only, which is
-@@ -81,7 +155,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
- 	int i;
- 
- 	if (!want_color_stderr(use_sideband_colors())) {
--		strbuf_add(dest, src, n);
-+		strbuf_add_sanitized(dest, src, n);
- 		return;
- 	}
- 
-@@ -114,7 +188,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
- 		}
- 	}
- 
--	strbuf_add(dest, src, n);
-+	strbuf_add_sanitized(dest, src, n);
- }
- 
- 
-diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh
-index fa5de4500a..2d40d8c640 100755
---- a/t/t5409-colorize-remote-messages.sh
-+++ b/t/t5409-colorize-remote-messages.sh
-@@ -98,4 +98,35 @@ test_expect_success 'fallback to color.ui' '
- 	grep "<BOLD;RED>error<RESET>: error" decoded
- '
- 
-+test_expect_success 'disallow (color) control sequences in sideband' '
-+	write_script .git/color-me-surprised <<-\EOF &&
-+	printf "error: Have you \\033[31mread\\033[m this?\\a\\n" >&2
-+	exec "$@"
-+	EOF
-+	test_config_global uploadPack.packObjectshook ./color-me-surprised &&
-+	test_commit need-at-least-one-commit &&
-+
-+	git -c sideband.allowControlCharacters=color \
-+		clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep RED decoded &&
-+	test_grep "\\^G" stderr &&
-+	tr -dc "\\007" <stderr >actual &&
-+	test_must_be_empty actual &&
-+
-+	rm -rf throw-away &&
-+	git -c sideband.allowControlCharacters=false \
-+		clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep ! RED decoded &&
-+	test_grep "\\^G" stderr &&
-+
-+	rm -rf throw-away &&
-+	git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep RED decoded &&
-+	tr -dc "\\007" <stderr >actual &&
-+	test_file_not_empty actual
-+'
-+
- test_done
--- 
-2.51.1
-

git-2.9.5-git-shell-and-cvsserver-hardening.patch

@@ -0,0 +1,518 @@
+From 9a1c497f7f3fbbd21673a6023871b891a6225ebe Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Mon, 11 Sep 2017 14:44:24 +0900
+Subject: [PATCH 1/6] cvsserver: move safe_pipe_capture() to the main package
+
+As a preparation for replacing `command` with a call to this
+function from outside GITCVS::updater package, move it to the main
+package.
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit fce13af5d20cad8dcb2d0e47bcf01b6960f08e55)
+---
+ git-cvsserver.perl | 47 ++++++++++++++++++++++-------------------------
+ 1 file changed, 22 insertions(+), 25 deletions(-)
+
+diff --git a/git-cvsserver.perl b/git-cvsserver.perl
+index d50c85ed7b..8229d9d198 100755
+--- a/git-cvsserver.perl
++++ b/git-cvsserver.perl
+@@ -3406,6 +3406,22 @@ sub refHashEqual
+     return $out;
+ }
+ 
++# an alternative to `command` that allows input to be passed as an array
++# to work around shell problems with weird characters in arguments
++
++sub safe_pipe_capture {
++
++    my @output;
++
++    if (my $pid = open my $child, '-|') {
++        @output = (<$child>);
++        close $child or die join(' ',@_).": $! $?";
++    } else {
++        exec(@_) or die "$! $?"; # exec() can fail the executable can't be found
++    }
++    return wantarray ? @output : join('',@output);
++}
++
+ 
+ package GITCVS::log;
+ 
+@@ -3882,7 +3898,7 @@ sub update
+                     # several candidate merge bases. let's assume
+                     # that the first one is the best one.
+ 		    my $base = eval {
+-			    safe_pipe_capture('git', 'merge-base',
++			    ::safe_pipe_capture('git', 'merge-base',
+ 						 $lastpicked, $parent);
+ 		    };
+ 		    # The two branches may not be related at all,
+@@ -4749,7 +4765,7 @@ sub getMetaFromCommithash
+         return $retVal;
+     }
+ 
+-    my($fileHash)=safe_pipe_capture("git","rev-parse","$revCommit:$filename");
++    my($fileHash) = ::safe_pipe_capture("git","rev-parse","$revCommit:$filename");
+     chomp $fileHash;
+     if(!($fileHash=~/^[0-9a-f]{40}$/))
+     {
+@@ -4844,8 +4860,8 @@ sub lookupCommitRef
+         return $commitHash;
+     }
+ 
+-    $commitHash=safe_pipe_capture("git","rev-parse","--verify","--quiet",
+-                                  $self->unescapeRefName($ref));
++    $commitHash = ::safe_pipe_capture("git","rev-parse","--verify","--quiet",
++				      $self->unescapeRefName($ref));
+     $commitHash=~s/\s*$//;
+     if(!($commitHash=~/^[0-9a-f]{40}$/))
+     {
+@@ -4854,7 +4870,7 @@ sub lookupCommitRef
+ 
+     if( defined($commitHash) )
+     {
+-        my $type=safe_pipe_capture("git","cat-file","-t",$commitHash);
++        my $type = ::safe_pipe_capture("git","cat-file","-t",$commitHash);
+         if( ! ($type=~/^commit\s*$/ ) )
+         {
+             $commitHash=undef;
+@@ -4907,7 +4923,7 @@ sub commitmessage
+         return $message;
+     }
+ 
+-    my @lines = safe_pipe_capture("git", "cat-file", "commit", $commithash);
++    my @lines = ::safe_pipe_capture("git", "cat-file", "commit", $commithash);
+     shift @lines while ( $lines[0] =~ /\S/ );
+     $message = join("",@lines);
+     $message .= " " if ( $message =~ /\n$/ );
+@@ -5056,25 +5072,6 @@ sub in_array
+     return $retval;
+ }
+ 
+-=head2 safe_pipe_capture
+-
+-an alternative to `command` that allows input to be passed as an array
+-to work around shell problems with weird characters in arguments
+-
+-=cut
+-sub safe_pipe_capture {
+-
+-    my @output;
+-
+-    if (my $pid = open my $child, '-|') {
+-        @output = (<$child>);
+-        close $child or die join(' ',@_).": $! $?";
+-    } else {
+-        exec(@_) or die "$! $?"; # exec() can fail the executable can't be found
+-    }
+-    return wantarray ? @output : join('',@output);
+-}
+-
+ =head2 mangle_dirname
+ 
+ create a string from a directory name that is suitable to use as
+-- 
+2.14.1
+
+
+From a871ec30ae5d7b472b35641a2a1b35685b6d41bb Mon Sep 17 00:00:00 2001
+From: joernchen <joernchen@phenoelit.de>
+Date: Mon, 11 Sep 2017 14:45:09 +0900
+Subject: [PATCH 2/6] cvsserver: use safe_pipe_capture instead of backticks
+
+This makes the script pass arguments that are derived from end-user
+input in safer way when invoking subcommands.
+
+Reported-by: joernchen <joernchen@phenoelit.de>
+Signed-off-by: joernchen <joernchen@phenoelit.de>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 27dd73871f814062737c327103ee43f1eb7f30d9)
+---
+ git-cvsserver.perl | 22 +++++++++++-----------
+ 1 file changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/git-cvsserver.perl b/git-cvsserver.perl
+index 8229d9d198..bd29b26cc2 100755
+--- a/git-cvsserver.perl
++++ b/git-cvsserver.perl
+@@ -841,7 +841,7 @@ sub req_Modified
+     # Save the file data in $state
+     $state->{entries}{$state->{directory}.$data}{modified_filename} = $filename;
+     $state->{entries}{$state->{directory}.$data}{modified_mode} = $mode;
+-    $state->{entries}{$state->{directory}.$data}{modified_hash} = `git hash-object $filename`;
++    $state->{entries}{$state->{directory}.$data}{modified_hash} = safe_pipe_capture('git','hash-object',$filename);
+     $state->{entries}{$state->{directory}.$data}{modified_hash} =~ s/\s.*$//s;
+ 
+     #$log->debug("req_Modified : file=$data mode=$mode size=$size");
+@@ -1463,7 +1463,7 @@ sub req_update
+                 # transmit file, format is single integer on a line by itself (file
+                 # size) followed by the file contents
+                 # TODO : we should copy files in blocks
+-                my $data = `cat $mergedFile`;
++                my $data = safe_pipe_capture('cat', $mergedFile);
+                 $log->debug("File size : " . length($data));
+                 print length($data) . "\n";
+                 print $data;
+@@ -1579,7 +1579,7 @@ sub req_ci
+                 $branchRef = "refs/heads/$stickyInfo->{tag}";
+             }
+ 
+-            $parenthash = `git show-ref -s $branchRef`;
++            $parenthash = safe_pipe_capture('git', 'show-ref', '-s', $branchRef);
+             chomp $parenthash;
+             if ($parenthash !~ /^[0-9a-f]{40}$/)
+             {
+@@ -1704,7 +1704,7 @@ sub req_ci
+     }
+     close $msg_fh;
+ 
+-    my $commithash = `git commit-tree $treehash -p $parenthash < $msg_filename`;
++    my $commithash = safe_pipe_capture('git', 'commit-tree', $treehash, '-p', $parenthash, '-F', $msg_filename);
+     chomp($commithash);
+     $log->info("Commit hash : $commithash");
+ 
+@@ -2854,12 +2854,12 @@ sub transmitfile
+ 
+     die "Need filehash" unless ( defined ( $filehash ) and $filehash =~ /^[a-zA-Z0-9]{40}$/ );
+ 
+-    my $type = `git cat-file -t $filehash`;
++    my $type = safe_pipe_capture('git', 'cat-file', '-t', $filehash);
+     chomp $type;
+ 
+     die ( "Invalid type '$type' (expected 'blob')" ) unless ( defined ( $type ) and $type eq "blob" );
+ 
+-    my $size = `git cat-file -s $filehash`;
++    my $size = safe_pipe_capture('git', 'cat-file', '-s', $filehash);
+     chomp $size;
+ 
+     $log->debug("transmitfile($filehash) size=$size, type=$type");
+@@ -3040,7 +3040,7 @@ sub ensureWorkTree
+     chdir $work->{emptyDir} or
+         die "Unable to chdir to $work->{emptyDir}\n";
+ 
+-    my $ver = `git show-ref -s refs/heads/$state->{module}`;
++    my $ver = safe_pipe_capture('git', 'show-ref', '-s', "refs/heads/$state->{module}");
+     chomp $ver;
+     if ($ver !~ /^[0-9a-f]{40}$/)
+     {
+@@ -3287,7 +3287,7 @@ sub open_blob_or_die
+             die "Need filehash\n";
+         }
+ 
+-        my $type = `git cat-file -t $name`;
++        my $type = safe_pipe_capture('git', 'cat-file', '-t', $name);
+         chomp $type;
+ 
+         unless ( defined ( $type ) and $type eq "blob" )
+@@ -3296,7 +3296,7 @@ sub open_blob_or_die
+             die ( "Invalid type '$type' (expected 'blob')" )
+         }
+ 
+-        my $size = `git cat-file -s $name`;
++        my $size = safe_pipe_capture('git', 'cat-file', '-s', $name);
+         chomp $size;
+ 
+         $log->debug("open_blob_or_die($name) size=$size, type=$type");
+@@ -3813,10 +3813,10 @@ sub update
+     # first lets get the commit list
+     $ENV{GIT_DIR} = $self->{git_path};
+ 
+-    my $commitsha1 = `git rev-parse $self->{module}`;
++    my $commitsha1 = ::safe_pipe_capture('git', 'rev-parse', $self->{module});
+     chomp $commitsha1;
+ 
+-    my $commitinfo = `git cat-file commit $self->{module} 2>&1`;
++    my $commitinfo = ::safe_pipe_capture('git', 'cat-file', 'commit', $self->{module});
+     unless ( $commitinfo =~ /tree\s+[a-zA-Z0-9]{40}/ )
+     {
+         die("Invalid module '$self->{module}'");
+-- 
+2.14.1
+
+
+From d213a1c065b12601e3147363f6e0b11d85f5d514 Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Mon, 11 Sep 2017 14:45:54 +0900
+Subject: [PATCH 3/6] cvsserver: use safe_pipe_capture for `constant commands`
+ as well
+
+This is not strictly necessary, but it is a good code hygiene.
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 46203ac24dc7e6b5a8d4f1b024ed93591705d47b)
+---
+ git-cvsserver.perl | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/git-cvsserver.perl b/git-cvsserver.perl
+index bd29b26cc2..ae1044273d 100755
+--- a/git-cvsserver.perl
++++ b/git-cvsserver.perl
+@@ -356,7 +356,7 @@ sub req_Root
+        return 0;
+     }
+ 
+-    my @gitvars = `git config -l`;
++    my @gitvars = safe_pipe_capture(qw(git config -l));
+     if ($?) {
+        print "E problems executing git-config on the server -- this is not a git repository or the PATH is not set correctly.\n";
+         print "E \n";
+@@ -943,7 +943,7 @@ sub req_co
+ 
+     # Provide list of modules, if -c was used.
+     if (exists $state->{opt}{c}) {
+-        my $showref = `git show-ref --heads`;
++        my $showref = safe_pipe_capture(qw(git show-ref --heads));
+         for my $line (split '\n', $showref) {
+             if ( $line =~ m% refs/heads/(.*)$% ) {
+                 print "M $1\t$1\n";
+@@ -1181,7 +1181,7 @@ sub req_update
+     # projects (heads in this case) to checkout.
+     #
+     if ($state->{module} eq '') {
+-        my $showref = `git show-ref --heads`;
++        my $showref = safe_pipe_capture(qw(git show-ref --heads));
+         print "E cvs update: Updating .\n";
+         for my $line (split '\n', $showref) {
+             if ( $line =~ m% refs/heads/(.*)$% ) {
+@@ -1687,7 +1687,7 @@ sub req_ci
+         return;
+     }
+ 
+-    my $treehash = `git write-tree`;
++    my $treehash = safe_pipe_capture(qw(git write-tree));
+     chomp $treehash;
+ 
+     $log->debug("Treehash : $treehash, Parenthash : $parenthash");
+-- 
+2.14.1
+
+
+From 7b1cfcc88d29d28133f6864c9ef7173d1edffa60 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Mon, 11 Sep 2017 11:27:51 -0400
+Subject: [PATCH 4/6] shell: drop git-cvsserver support by default
+
+The git-cvsserver script is old and largely unmaintained
+these days. But git-shell allows untrusted users to run it
+out of the box, significantly increasing its attack surface.
+
+Let's drop it from git-shell's list of internal handlers so
+that it cannot be run by default.  This is not backwards
+compatible. But given the age and development activity on
+CVS-related parts of Git, this is likely to impact very few
+users, while helping many more (i.e., anybody who runs
+git-shell and had no intention of supporting CVS).
+
+There's no configuration mechanism in git-shell for us to
+add a boolean and flip it to "off". But there is a mechanism
+for adding custom commands, and adding CVS support here is
+fairly trivial. Let's document it to give guidance to
+anybody who really is still running cvsserver.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 9a42c03cb71eaa9d41ba67275de38c997a791c32)
+---
+ Documentation/git-shell.txt     | 16 ++++++++++++++
+ shell.c                         | 14 ------------
+ t/t9400-git-cvsserver-server.sh | 48 +++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 64 insertions(+), 14 deletions(-)
+
+diff --git a/Documentation/git-shell.txt b/Documentation/git-shell.txt
+index 2e30a3e42d..54cf2560be 100644
+--- a/Documentation/git-shell.txt
++++ b/Documentation/git-shell.txt
+@@ -79,6 +79,22 @@ EOF
+ $ chmod +x $HOME/git-shell-commands/no-interactive-login
+ ----------------
+ 
++To enable git-cvsserver access (which should generally have the
++`no-interactive-login` example above as a prerequisite, as creating
++the git-shell-commands directory allows interactive logins):
++
++----------------
++$ cat >$HOME/git-shell-commands/cvs <<\EOF
++if ! test $# = 1 && test "$1" = "server"
++then
++	echo >&2 "git-cvsserver only handles \"server\""
++	exit 1
++fi
++exec git cvsserver server
++EOF
++$ chmod +x $HOME/git-shell-commands/cvs
++----------------
++
+ SEE ALSO
+ --------
+ ssh(1),
+diff --git a/shell.c b/shell.c
+index fe2d314593..234b2d4f16 100644
+--- a/shell.c
++++ b/shell.c
+@@ -25,19 +25,6 @@ static int do_generic_cmd(const char *me, char *arg)
+ 	return execv_git_cmd(my_argv);
+ }
+ 
+-static int do_cvs_cmd(const char *me, char *arg)
+-{
+-	const char *cvsserver_argv[3] = {
+-		"cvsserver", "server", NULL
+-	};
+-
+-	if (!arg || strcmp(arg, "server"))
+-		die("git-cvsserver only handles server: %s", arg);
+-
+-	setup_path();
+-	return execv_git_cmd(cvsserver_argv);
+-}
+-
+ static int is_valid_cmd_name(const char *cmd)
+ {
+ 	/* Test command contains no . or / characters */
+@@ -134,7 +121,6 @@ static struct commands {
+ 	{ "git-receive-pack", do_generic_cmd },
+ 	{ "git-upload-pack", do_generic_cmd },
+ 	{ "git-upload-archive", do_generic_cmd },
+-	{ "cvs", do_cvs_cmd },
+ 	{ NULL },
+ };
+ 
+diff --git a/t/t9400-git-cvsserver-server.sh b/t/t9400-git-cvsserver-server.sh
+index 432c61d246..c30660d606 100755
+--- a/t/t9400-git-cvsserver-server.sh
++++ b/t/t9400-git-cvsserver-server.sh
+@@ -588,4 +588,52 @@ test_expect_success 'cvs annotate' '
+     test_cmp ../expect ../actual
+ '
+ 
++#------------
++# running via git-shell
++#------------
++
++cd "$WORKDIR"
++
++test_expect_success 'create remote-cvs helper' '
++	write_script remote-cvs <<-\EOF
++	exec git shell -c "cvs server"
++	EOF
++'
++
++test_expect_success 'cvs server does not run with vanilla git-shell' '
++	(
++		cd cvswork &&
++		CVS_SERVER=$WORKDIR/remote-cvs &&
++		export CVS_SERVER &&
++		test_must_fail cvs log merge
++	)
++'
++
++test_expect_success 'configure git shell to run cvs server' '
++	mkdir "$HOME"/git-shell-commands &&
++
++	write_script "$HOME"/git-shell-commands/cvs <<-\EOF &&
++	if ! test $# = 1 && test "$1" = "server"
++	then
++		echo >&2 "git-cvsserver only handles \"server\""
++		exit 1
++	fi
++	exec git cvsserver server
++	EOF
++
++	# Should not be used, but part of the recommended setup
++	write_script "$HOME"/git-shell-commands/no-interactive-login <<-\EOF
++	echo Interactive login forbidden
++	EOF
++'
++
++test_expect_success 'cvs server can run with recommended config' '
++	(
++		cd cvswork &&
++		CVS_SERVER=$WORKDIR/remote-cvs &&
++		export CVS_SERVER &&
++		cvs log merge
++	)
++'
++
+ test_done
+-- 
+2.14.1
+
+
+From 974a1f5703091e07891cfb743c50cb66634ef8cf Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Mon, 11 Sep 2017 10:24:11 -0400
+Subject: [PATCH 5/6] archimport: use safe_pipe_capture for user input
+
+Refnames can contain shell metacharacters which need to be
+passed verbatim to sub-processes. Using safe_pipe_capture
+skips the shell entirely.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 8d0fad0a7a6ba34fd706c148fa7ed1f8eb2b8b26)
+---
+ git-archimport.perl | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/git-archimport.perl b/git-archimport.perl
+index 9cb123a07d..b7c173c345 100755
+--- a/git-archimport.perl
++++ b/git-archimport.perl
+@@ -983,7 +983,7 @@ sub find_parents {
+ 	# check that we actually know about the branch
+ 	next unless -e "$git_dir/refs/heads/$branch";
+ 
+-	my $mergebase = `git-merge-base $branch $ps->{branch}`;
++	my $mergebase = safe_pipe_capture(qw(git-merge-base), $branch, $ps->{branch});
+ 	if ($?) {
+ 	    # Don't die here, Arch supports one-way cherry-picking
+ 	    # between branches with no common base (or any relationship
+@@ -1074,7 +1074,7 @@ sub find_parents {
+ 
+ sub git_rev_parse {
+     my $name = shift;
+-    my $val  = `git-rev-parse $name`;
++    my $val  = safe_pipe_capture(qw(git-rev-parse), $name);
+     die "Error: git-rev-parse $name" if $?;
+     chomp $val;
+     return $val;
+-- 
+2.14.1
+
+
+From c6d8647e2857f1ffbe1c6ff0c006b8da0710f9d4 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Mon, 11 Sep 2017 10:24:26 -0400
+Subject: [PATCH 6/6] cvsimport: shell-quote variable used in backticks
+
+We run `git rev-parse` though the shell, and quote its
+argument only with single-quotes. This prevents most
+metacharacters from being a problem, but misses the obvious
+case when $name itself has single-quotes in it. We can fix
+this by applying the usual shell-quoting formula.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 5b4efea666951efe0770f8d5a301f8917015315f)
+---
+ git-cvsimport.perl | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/git-cvsimport.perl b/git-cvsimport.perl
+index 1e4e65a45d..36929921ea 100755
+--- a/git-cvsimport.perl
++++ b/git-cvsimport.perl
+@@ -642,6 +642,7 @@ sub is_sha1 {
+ 
+ sub get_headref ($) {
+ 	my $name = shift;
++	$name =~ s/'/'\\''/;
+ 	my $r = `git rev-parse --verify '$name' 2>/dev/null`;
+ 	return undef unless $? == 0;
+ 	chomp $r;
+-- 
+2.14.1
+

git-infinite-loop.patch

@@ -0,0 +1,39 @@
+diff --git a/refs.c b/refs.c
+index 67d6745..ddb9a77 100644
+--- a/refs.c
++++ b/refs.c
+@@ -1422,6 +1422,7 @@ static struct ref_dir *get_loose_refs(struct ref_cache *refs)
+ /* We allow "recursive" symbolic refs. Only within reason, though */
+ #define MAXDEPTH 5
+ #define MAXREFLEN (1024)
++#define MAXRETRIES 5
+ 
+ /*
+  * Called by resolve_gitlink_ref_recursive() after it failed to read
+@@ -1576,6 +1577,7 @@ const char *resolve_ref_unsafe(const char *refname, int resolve_flags, unsigned
+ 		struct stat st;
+ 		char *buf;
+ 		int fd;
++		int retries = 0;
+ 
+ 		if (--depth < 0) {
+ 			errno = ELOOP;
+@@ -1612,7 +1614,8 @@ const char *resolve_ref_unsafe(const char *refname, int resolve_flags, unsigned
+ 		if (S_ISLNK(st.st_mode)) {
+ 			len = readlink(path, buffer, sizeof(buffer)-1);
+ 			if (len < 0) {
+-				if (errno == ENOENT || errno == EINVAL)
++				if ((errno == ENOENT || errno == EINVAL) &&
++					retries++ < MAXRETRIES)
+ 					/* inconsistent with lstat; retry */
+ 					goto stat_ref;
+ 				else
+@@ -1645,7 +1648,7 @@ const char *resolve_ref_unsafe(const char *refname, int resolve_flags, unsigned
+ 		 */
+ 		fd = open(path, O_RDONLY);
+ 		if (fd < 0) {
+-			if (errno == ENOENT)
++			if (errno == ENOENT && retries++ < MAXRETRIES)
+ 				/* inconsistent with lstat; retry */
+ 				goto stat_ref;
+ 			else

git-init.el

@@ -0,0 +1,5 @@
+;; Git VC backend
+(add-to-list 'vc-handled-backends 'GIT t)
+(autoload 'git-status "git" "GIT mode." t)
+(autoload 'git-blame-mode "git-blame"
+ 	"Minor mode for incremental blame for Git." t)

git-test-apache-davlockdbtype-config.patch

@@ -1,14 +0,0 @@
-diff -ur b/t/lib-httpd/apache.conf a/t/lib-httpd/apache.conf
---- b/t/lib-httpd/apache.conf	2024-01-09 11:06:46.660868023 +0100
-+++ a/t/lib-httpd/apache.conf	2024-01-09 11:09:09.572713625 +0100
-@@ -272,7 +272,9 @@
- <IfDefine DAV>
- 	LoadModule dav_module modules/mod_dav.so
- 	LoadModule dav_fs_module modules/mod_dav_fs.so
--
-+	<IfDirective DavLockDBType>
-+   		DavLockDBType sdbm
-+	</IfDirective>
- 	DAVLockDB DAVLock
- 	<Location /dumb/>
- 		Dav on

git.rpmlintrc

@@ -1,42 +0,0 @@
-# the dictionary is a bit limited
-addFilter("git.* spelling-error %description .* subpackages")
-addFilter("git-subtree.* spelling-error %description .* (subdirectory|subproject|subtree)")
-
-# git-core-doc requires git-core, which provides the symlink target
-addFilter("git(-core-doc)?\..*: W: dangling-relative-symlink /usr/share/doc/git/contrib/hooks ../../../git-core/contrib/hooks")
-
-# gitk requires git, which provides the symlink target
-addFilter("gitk\.noarch: W: dangling-relative-symlink /usr/share/bash-completion/completions/gitk git")
-
-# git-gui requires git, which provides the git binary
-addFilter("git-gui.noarch: W: desktopfile-without-binary /usr/share/applications/git-gui.desktop git")
-
-# ignore no binary warning for main git package; making it noarch isn't trivial
-# since we have arch-specific subpackages
-addFilter("git\..*: E: no-binary$")
-
-# ignore no doc/manpage warnings where we don't expect any documentation
-addFilter("git-(all|core|credential-libsecret)\..*: W: no-documentation")
-addFilter("perl-Git-SVN.noarch: W: no-documentation")
-addFilter("git-core\..*: W: no-manual-page-for-binary")
-
-# nothing provides git-gnome-keyring, it's simply obsolete
-# similarly ignore the warning when git-cvs and git-p4 are disabled
-addFilter("git.* obsolete-not-provided git-(cvs|gnome-keyring|p4)")
-
-# git-svn has both man and html docs and only a single command
-addFilter('git-svn\..*: W: package-with-huge-docs')
-
-# ignore potential "bashisms" in docs
-addFilter('git-core-doc\.noarch: W: potential-bashisms /usr/share/doc/git/')
-
-# ignore unused-direct-shlib-dependency for libpcre; while it probably could be
-# removed from some binaries, the cost of doing so isn't worth the gain.
-addFilter('git-(core|daemon)\..*: W: unused-direct-shlib-dependency .* /lib64/libpcre2-.*')
-
-# ignore duplicate gvimdiff/nvimdiff files; they are only 29 bytes, sourcing the same base
-# vimdiff mergetool
-addFilter('git-core\..*: W: files-duplicate /usr/libexec/git-core/mergetools/[gn]vimdiff')
-
-# ignore non-standard-dir-in-var for gitweb (#479613)
-addFilter('gitweb.noarch: W: non-standard-dir-in-var www')

git.skip-test-patterns

@@ -1,33 +0,0 @@
-^ok 1 # SKIP enable client-side http/2 \(missing HTTP2\)$
-expensive 2GB clone test; enable with GIT_TEST_CLONE_2GB=true
-filesystem does not corrupt utf-8
-fsmonitor--daemon is not supported on this platform
-GIT_SKIP_TESTS
-missing AUTOIDENT
-missing BUILTIN_TXT_
-missing CASE_INSENSITIVE_FS
-missing DONTHAVEIT
-missing ([!]LONG_IS_64BIT,)?EXPENSIVE
-missing FSMONITOR_DAEMON
-missing JGIT
-missing !?LAZY_(TRUE|FALSE)
-missing MINGW
-missing NATIVE_CRLF
-missing !PCRE
-missing !PTHREADS
-missing !REFFILES
-missing RFC1991
-missing RUNTIME_PREFIX
-missing SYMLINKS_WINDOWS
-missing TAR_NEEDS_PAX_FALLBACK
-missing UTF8_NFD_TO_NFC
-missing WINDOWS
-skipped: skip all tests in t5559
-skipping case insensitive tests
-skipping git p4 tests
-skipping remote-svn tests, python not available
-skipping svn-info test
-skipping Windows-(only path|specific) tests
-Test requiring writable / skipped
-used to test external credential helpers
-You must set env var GIT_TEST_ALLOW_SUDO=YES in order to run this test

git.xinetd.in

@@ -8,7 +8,7 @@ service git
         socket_type     = stream
         wait            = no
         user            = nobody
-        server          = @GITEXECDIR@/git-daemon
+        server          = @GITCOREDIR@/git-daemon
         server_args     = --base-path=@BASE_PATH@ --export-all --user-path=public_git --syslog --inetd --verbose
         log_on_failure  += USERID
 }

git@.service

@@ -0,0 +1,8 @@
+[Unit]
+Description=Git Repositories Server Daemon
+Documentation=man:git-daemon(1)
+
+[Service]
+User=nobody
+ExecStart=-/usr/libexec/git-core/git-daemon --base-path=/var/lib/git --export-all --user-path=public_git --syslog --inetd --verbose
+StandardInput=socket

git@.service.in

@@ -1,10 +0,0 @@
-[Unit]
-Description=Git Repositories Server Daemon
-Documentation=man:git-daemon(1)
-
-[Service]
-User=nobody
-ExecStart=-@GITEXECDIR@/git-daemon --base-path=@BASE_PATH@ --export-all \
-          --user-path=public_git --inetd --log-destination=stderr --verbose
-StandardInput=socket
-StandardError=journal

gpgkey-junio.asc

@@ -1,4 +1,5 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
 
 mQINBE6GdewBEADE3szNmKeUAUad22z1tWkLjLzyDcJpF7IzEnLs8bD1y0I6iqH0
 169ru5iXKn29wc+YAuxWorb4P5a2i2B/vs32hJy/rXE7dpvsAqlHLSGSDUJXiFzM
@@ -11,134 +12,349 @@ WVLGVdsT2qwek+KkmOs+iNBXY1TgKPAeuv0ZDKKYrCwYpN1K90oXk431g79bKsH5
 qYy6CPcpjTfpN4i/7gxQDNI+AIgbs21EE5Kg1TPUe0XgfdJMtIF+D6wTjbrLtDnn
 09Iwz0SfIZR52IrZHxUlFXZFjk10RXYATtdMqEFgYgjYvYXxL9EEr7T5Dgso+qaE
 wV0rrg0VDKrf/afrjGOeffumlhBhJnBnns1T+p65Vz5hyQl7SFKLw+Ix7wARAQAB
-tCJKdW5pbyBDIEhhbWFubyA8Z2l0c3RlckBwb2JveC5jb20+iQI7BBMBAgAlAhsD
-BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCToZ45QIZAQAKCRAg0E5acTZgp1TF
-EACr+QRpfDmbGnUY1Rqy50Ap1eG0061vAapCMLmU+4kxqIRKm5/00YGmb7VxRCLD
-pKNa0hkH+ftA4QmnPU4j4UEsh/vAa2BGCXRjB9RixTokvQf9iOXUGiHYv1kn+p3l
-xg66bLnKV3dWScjV2IueDP4ypLEZHlWD9I/Unmrg2mJEAcz4gSAfBHWLOf/+JYAq
-6j6erIxPS5ZtIz/twQf6MCoXXAXuM6tgUhdptJqG82WzSZMuWOfzmS6DSTuqK05h
-9gpwdj5nz4jdh4u5sp+LKOqFw94JIRcE+wj5cljOOlX3Fqi84ADC8b/OzC3V9KGa
-rNnBzWdnkIoNxbNBNF6wD1dgn1peueufaP9q5CO9ljKNSOGUClwvtJFrpZZL5Phe
-NNFFkPSZpkmStcB6s8RHsyz5zuqxQUOWuvLVUDRW58yZR0WC1Xc/yi+cEFSUiKI5
-OqPNwC1v0xh7a/MObJQxTQCEKHLyVYlnohsf2RxzxaOOjgWmY2O+yH5G5ymfBie/
-Uw7zcSsJ89ovLAEG/10tkJVqIfza5Wexj3VAZbI+i7vx2gtlLqM23gGykqcv7VWm
-FD5lFWGC4Sw8M7Jikm8vn99dxZnsBKjMqksjENUX1JeUZI+FHg2CNSVBX0J8yLnm
-d8eJBkYXkU79J3GVex/WTzbFnSkPmw16MtAu/E9EKNbAILQgSnVuaW8gQyBIYW1h
-bm8gPGp1bmlvQHBvYm94LmNvbT6JAjgEEwECACIFAk6GeL4CGwMGCwkIBwMCBhUI
-AgkKCwQWAgMBAh4BAheAAAoJECDQTlpxNmCn6GMQAJ0V0jmyQ7Lvi5FBBgNTdY8q
-fVbLFxEUVAsKf2x9QxhsOcL2heQRVkp10JKv4/VQLfDwr6Pv98FQchXlBmFiySAb
-VihUVC+VJ3FhyKBtI14RXT6Nkwd18PXDvWXy2fKeiK9GPDWkufac0h/giz0T1xP7
-CHxDErQATMmYbkinyyM+xd1Nir6DUYcHJQIK2Dg2VPChkI0XXCQETLDbrC9fDwWg
-1vP36PQZ+nw/cIRt+2xkq8HHUzB7kOnXHqPt1kb/Ry8hZwPnfV7g/V0MogoMLtz2
-33pqwuguLXP7zY3jTwAZZ9VTpuCTsdVWXJDlznMNurYi1yurCNuUvq/O/9JC8WBt
-dVUuvFZGjRZWfP24W57iq/qz8CV6dThq5r4WygE83tMC3DaarNJ4f9dQUA4KpL7j
-2EMXkgoXcEy1mieUCypdNiZj96hV8Q7apSLk2V4jtvLkJfzX053glqRJI35SX8Ok
-SazZGYZHX6QfZlvznnrCF5x/xBzhbfr2Geo4rxL0BQsp2DQodqUCB23QzsPhWWff
-YtkATaD5vovGeQ9Acd1u72jH3DO8tVMH85jMO4f+oc0h3lnkPS4F33QqlnErRo/I
-Rm6jCsI/NgMZUYdh0EY5Iiq/e8e+u8gdo0akkwHlNvR4KrYrK/1K4h+i+UBIbJDZ
-pqT/iH+yhJRQ3CAan8KStB9KdW5pbyBDIEhhbWFubyA8amNoQGdvb2dsZS5jb20+
-iQI4BBMBAgAiBQJOhnjVAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAg
-0E5acTZgp4SyD/9slQ1IkYqz+VXPnmHCQFhurYcHD8t1iGBqiXxI+gpA1Y3L1QL+
-aj0fplW4KuEPbJ7xlYdLA4J+M9kgkwt3Jufw+lM1pQM9tSB627rAbxUyczj4AFjZ
-9v8GpqyZ3XPDe8NknI/V4Xlhsr+e3AHJPr355XacMkFGc3Rtw1quFVgrECttdzUD
-6xtrhwYYVAYAnKr65943UtMLsVXkJLfjq8c1NZOCov9SwSb0N9IkEhSyihd/92Z2
-NH4d+B1QTIyWagL3GNN8LXXEHK+x+oA/nbhGbFg7bqhxUW4d2JaxKPy4U3nfdtSm
-Mbiy16eUfMbbMyvB0jtLf6UFrxF5bJnYkiG18DcLSaX7Hsby8IVzZQZHYvkx5+7p
-K2SBsdek3bu3punP3dWLJoMw+Vmm5Bk0Yl7pxzvsYQWhPV7+tpgglUSFQuIeXFrw
-jVXP8Q+Ph9nO0vKIaeTcn1ISuq2XaoqhkLH+Zw1I/ruRtk2DJbZsg5BBGfA26BkZ
-WJXlO6h33emPwkJ0FanlzRtMTqZ/4RiTXv5G1L/lypX1iq6fF2V+WTh2JmEKyY+2
-l0/19XRANfaDiYULoBvJEdCcIXLbaRTqjem+70ZGvAiCaGO52YvUhBo+XCgjucjc
-qhxiF3wc24kzj1ZycrwbDa7VjftZAApN01CJ38mXGpZXiWZU4hjJx41wCbkCDQRO
-iUo5ARAA8l5PToapmK0IHBpY5ohie53ZczLV5ojWKZXNsmVYNuSBBKpwC6VH2X85
-9dVd59HigAYsS1TbDCUNGC1bM0thJ9Y92fa1WnlEqyYQZDmJ4rt283DT2Gmrkng6
-XPjvr8PZeHKtvw7uLywfdm4x0WrGrH34g17BL82u/7k0JUOgJoPulIkO9Mls35UJ
-SY/Zwk1EdkM4hHKmqJFIiW/DlPYh0Tj5x9Sukk0ATH/R/QdtpjvwJJZyph6gMhbi
-YB+G+nR/WZy9vB+bFwPPaa0EudADoIZ9LkQzU/55KqNnKH9dPqPVWEOBZVZvPqiR
-iyRuffMIJ0t9mtvc/jruS1qiTZdJoy2vl6K4Uqc+huvlHeCCYR0lGCeDB+Ixuz9x
-d2ZdUxMgwgcNiQOCW70YWtxf0LF2seSJdLItHDBOu/f3cqKwNGUvcC3d/9qVb0wP
-SI1mq18S02MGcvDySsjGtX7o4kujUqE2ZNCW6ORLJUC6zEYu3TRNWrXeS3uAP21x
-UrEPkuTiJL7SCS12FYJt5agx5NIUKI7bkIUbLbiuhC4z47MFajW9Y5jUQk86dk7b
-jGqVrXYIu92Dhxc2CND2fWaMpYRhwvHR6KQU1yYHYkGVlMHiozM5D+4dCRRVI8x3
-p/+ypFBZmZr7yTpv/qD0N8HHl2NAYvGRQdzjyFQOXERwaXuzjCkAEQEAAYkEWwQY
-AQoAJgIbAhYhBJbgevJXcZVZgNrRACDQTlpxNmCnBQJeHMcfBQkenRjmAinBXSAE
-GQECAAYFAk6JSjkACgkQsLXohpav5sukpRAAywCaKmo0HH77yNkqormnKtRBrz8j
-tx68e//pq/AyCrghKUh91iLGYji3/E1qQe7p7Ne7WAn3uFZs22zrNKIDGxtMMCQT
-C0Ne4BAvMh1NzwzzBCCyirs1ccLj5gKkoFkKfTo5U5NWNznYPM8uib1uY5vdRqIJ
-2vJ7JJykNdcW5od42TtWsOxH2zTp4SRNmX8QPaRbfOxPdlKsbp0eIO6kk+Lx6gEv
-WAtEda5xSd1PwyK7SfGadTm+8Rw5UeP1kRtuKQPm7sRBB0coXDVHpFi/nMWHzVxv
-/NKhLAkzIbGOV6rL8ihVhXGqEgiD5Q+QdbaNsiLtHo5niBzpbnzvSopBYcOftrhc
-PNDY0RYXYb/5JZUid/JBWKwV+zREEnbgtsYDbwFEDnCVIGyXAoxyas/S3b14izat
-qgINxiYuxpDY+w1O5RywjOTdLPUWlL5YhH1W/gwbdyGiL4sh0v/fzNy0vKR5zPt1
-hICEA9YvCI7k3b74O6eiDB5fMIRPkNr6ubZWe0T6x4eL2EjSFRXIEmbmnAh93pdp
-WFrXH+Sf1LKhBZzojgUsQU/rzB2R94S7Vx0Z+tzgDZ8fJe47ZUEfzJccyyGve/QA
-sLLgTWRwRP3MSa1rC4wuWtDDMk/drw9CpmeFeRFn0oDIBo/m2mBv+UNAxSdijREz
-vPRiwROma/RawVcJECDQTlpxNmCnTLQP/A1WNmgPCCyFqp812Zvgh0pAqceaM+dg
-FlvNi5j5Jyw7/hicx2e0BXgKt64TEodphknCFzZIFDq3jJSdLt1l9NHpiLVM0Hf0
-cLFGF3eRHOID7PeGJGztLJ0CGhhSXaPh7nNLK0G9zXCAasedpowX4ZUntv+p/+Fr
-jQ8eSgyyljvrlywK+tH07F1W6t6eMNOw7/AHx7fkOux4CDem1FsNbhZWX8YPUATo
-vP1YLBXcrQgpJPpypG6up56D70ewTs4l+qNOISr3phG2egeEhYNwv6GUv8aelh69
-iaUHscT+DOXrFKq+RSHBMzGFFTrDJFDSu3d3A5Rg8KxJMcOxc00L3GMPchrFiJH7
-QShAQdU/ocF0MAA6n56g/QynxafFI/MRMXVTmF+lMBW/kK63pD3AJkIgvdLdht5o
-s7aKlddPrmIulaELIDdF2MSicMmgWJcqFkqZH2HIC+gx26Fafn2vfiUqsEc4NTpZ
-qhf66F9UjPKfYFfLhbGrmq/giAk1qjiGnBzCUQ9hXVqpmFfnVDjmQrk8KB9skDms
-PJgZ4hzmj5AarCpFtDmE4W7Tvi/xqgrFZkPX/SDhTWInJGcWaOTvlc5dkjAxKT6X
-LUGLScJHxhaovTGVzq1GWhhNCFhCs4AkWqPKhYfeZuWiuiMLZaEyJPfTufT7Svab
-pOhlaD1YY8fvuQINBE6GdewBEADxm56jO5pnVRH13BsG38o1qD9mJppXhf0mb6dB
-ORP1b3YJNaknQtxVPXSlXNAYNStYs9bWwn+RrYmOEfy0MWekqOBqgHDEf50ktZaz
-hFd89dt58IA+WIFo7BFk1XIr4USdSEQeL7Pb4oSg5AYn8C3OlT7T3nxWBh9aEbat
-EfiUMFKikLVVLdbEL7FBzEkypHfQCslDlq+ggAAVBzqrMIBn/idto87UrF2x/qd2
-P2PJl9pUf744pL9yzX+cNbQld0Yf6gQW9/r0UUW/CCU4qpPDvycyGIx3Y7PV/MjA
-lre4qJv4khoSFasAAjDXzyUIYhw7yMmaAE/lEOVN7M6reYDvhaDCcWfEn8sjH03/
-Wa92vVx7boMx5RAEh8YE2KZHEZkAODlW4pnDKyaH38lj8pa0dh77RXAD6X1XPGwi
-zpmjfrBBPGvUNGsdIpJaY4KEaZ0+v3bhvfU0DWB4dmJB3aPxC6CFtVA0QBGcbw16
-jUeA+2LUJgWMs86npHaPzD99J4Q+Smw9mZPfyT5O5yymYXOwIp50aUjkGCQcHtt7
-jisNkU52bFD2JcQJr8o67JIcqFNdhPAnxC+BN0QDtCyXT+wxC1Uvh9E//r3JPEQD
-REfEUb3l+3Sarz1KCm3LUhx1XE82Z6c96tHopUfiOiwbtxv+8UypXT2ntKfprz1U
-dMb5jwARAQABiQIfBBgBAgAJBQJOhnXsAhsMAAoJECDQTlpxNmCnFKYP/j6dmEQW
-ZliWE8le9Qzh1WqTbHd5elaGJuW0KGQ+g9okWBkh+sLlPxxTk2f0b79Pc7K3OPy7
-89OcIsrbHD3jDp7TS9IVpX7kVZnvnts5oV3XcK5q84XDEQqa6UIlfiZkZJCzIX8N
-kSAbv0UmmKKLKS+ANIEIZBKBrWxpYwvG2wBoWPkpNv5mdEuR9h3pZ1aCSZRXysMl
-WXo5cMYuZUhabrOqTNP5efEm8iBREHzNSotsiOhHuu7OIPmvZJTUjMrR1wZMCw+Y
-uNO2kT3t+ZFTxCx2aeRzqnI55LYFQVBpgSsap/seqRZfj7j7SBb2bSbCuhNedbAw
-b3kDWSfJGy/IN6vPdsc3NdsYFK+X8cnypCu4pZDK2IU+CkVrq/ukR8TNdrpAYfEY
-XbLq0XFOT0s4jIcjf3dAtlGW36hA0AKPw1BL3cyEGfv2sq75gkw1/jIYMXGc8URJ
-y5AfgELIrO1dIjMsm6vFFLeHpAobEP87UEpqIyJtwEIfWdcV5YHYmlFkGd21Lnxp
-f2dBAh5dc4MJpYmFZGScSDtTcYCDEXICTgedVOt4WCaV5mwpPeSEzr2TOVm6d1nU
-lGBJCV6QPMEdyx03hRkwaTMth0D/SYCvUrjlGQ1VC4WuTveSBhTH7iDrjGSoXNJu
-P2Oq+jb/iAfZxuetjpKFD6TCMR0Bcs/cEZuXuQINBFQduiABEACYnNg+kGmtkPmt
-kQ/75P8lLsljMk9IIwXGmnFILLpHBM/tN+7wGDxODLY/pPZ2Qfmp7PZLr5Ok5Qnt
-v/g+YCtVaTu5Cajt2TOsyH+AYDqtrjjHIt8d2kVloq79ONsCUojFtbFD1nf5W9Sk
-WQgntHYRYY1MaCkNd3oUp74TQugzk8Q6UBDamAn1r4nfm6QNXstItqyWsCgQhixW
-Qi4WzQc4iA/83t+qUJ+32smjk6J+rGUbbEH8zTASXmcDWYBuPgjo3YEjV+3/qNar
-zncYneJfQXwFSgvcR9oUuBQ3ydWJd7sfiImuAnQdRfEC/JFb0iR9sJ395Pw5WQfM
-Esrp0uL/Uig52mSrFyIfanxhrJP4j+CyCcJp1TaFINag5/YwHX3GzoikwXUukb+h
-KxXxK9Vu8Eu2gAlKFaHt2x5Sc3D1d+nr2QyMkIThC6/d3+XUjgOIMWkCK5dgkuz6
-rs60cRQr8YBGf4Jgk/Xrkk/SjBjBlcTz9lrC06wBRCsa+0XxCAHlM7gVp0HvMn+h
-Kx9ny7dPqaqhg8WXuBL0n8yAXXDSgDAin55mRbiKq2bNuMaEJvwKNFU6ENHGSngT
-w/Pt6B0dbeB1SBVxJPGbGmk74BL8m5V67Kb7MDP05OLSZsUyNLQCpfSgYsUA14uV
-GHE/vE6haP9/DwMLdyJ/CxSjQJMk+wARAQABiQRbBBgBCgAmAhsCFiEEluB68ldx
-lVmA2tEAINBOWnE2YKcFAl4cxyAFCRkIqP8CKcFdIAQZAQIABgUCVB26IAAKCRB1
-lO7Hs/fKyah/D/wJ3v4WdqGo7KgW0kmWfFVWZLKwtb+16gcy6nIm7F7VUcODv+qR
-LA/4UUg72yabVCXnMBi/eEHtkVZWlB/+tzg643DiRvXTCZiwoS5c6fTze55e/Z87
-qY7okf40aTR+qWuMgligI/LeXunr1Pu2jlJLMcUVh5QLxLZ8bDqpDgQM9zcdFmKQ
-/ofUnK7y6gYyUl2KYJDYi0alzjTm+73/S0Mc7z08Yp/s+dtKPbU9imKCnNRkPTQp
-cwlYHWJv0YPQ0TdOkid6HJC7CmZEPH845D+qojAjYBPogNIj/RaByaT3kN32zu8+
-jaZJSCnBM0l2lSh/qO7sQBZhqPX5pJDjjj7d/ATY7XxJCnK/2cZVSuVhMXPIFIAQ
-G4ZYFUaQssjQKLN7BXJUo7+ec1AMkTiwDUocPza8h+fitcpOsWWJWWvZvkSObbuP
-KGn7BgoTzEehO2Rz0QsNjgOa5SXxmc0zX7sbB1XiMxSe7gBZBOnYjhPVcidO3tWu
-M/jXGfZAL9ISq6Zf47ebXA7Y+6Bx3oquMgtSN10gbdoJvjqEBJNN65wadvBP8+Sr
-L+nWRGhsfmu8jupXdJe8h8ysXCboVkpXHuSu+lDjeL9WLqpwc/XkaOy7B6PfwIRa
-YYHnsKs8ogvDuTRJPV4khizyt+A6aiQ1PQqxSKWGY+lzxbmBkPhp5v1N5wkQINBO
-WnE2YKdkRQ//ZKvUegOZTtfivAZI888o4Ocpig3CFxJGlXa52JUnDhYFFpRtXRTP
-gIdQ0zBvhNjmBnELNv5/D1ubnjqWBTaJpZgUXIljJufuWL7VdD57nAAMw2VLvNUe
-38iytUYTAPevaJtLQ4jfj3E9MYH4tcMBmlZ75ZKqiHHH+7+V5J8TD/S01xROK7H1
-kGkXo49deB7K9oT4uno8kE5+AgmEMI80XiKjfQkh6tiG5I0W58DLeAOIxCRkm3kH
-Bi22PpuAKhRelRQnAF9dLdlhZECy5eYl7JKQzOS/dQ0Z3zg+HuDBRyhrmV/go/9C
-npFGUZBa+FOC1GMO07GKH8tZY99D5tDCAH6r6S+RrYS690mWpjXhqouBtJezld+X
-dsgKwgKHk3IEM4m916O0E75kiNk/AD7vZowwEBvPsgN+CDXCPgH4J5x0p9uyxnKH
-omLBd7cuJpio6gf4O1KTl1tlVGcb8f+AUR/MIe70NXyEtpYWMiPW3/0dKwt9APgW
-KSX0c8Mp2XKH/vAEDx86XTfBNrnXyUanOQhbLQciYzolJjiPrB0C2NgFFFXSHPwC
-ikyT5n2RehAJVmg3eufB1ZOKQgo7ue3ynkW4JidgyCUtsoYSmipl9Nhw1hA3ZNK1
-FVCx7tcmy0ZHFO+PV+p17oAC8ZCxSRE0oTeHKcgpF5+DRhQM/+UnmKg=
-=7hTI
+tCJKdW5pbyBDIEhhbWFubyA8Z2l0c3RlckBwb2JveC5jb20+iQI4BBMBAgAiBQJO
+hnXsAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAg0E5acTZgp+dxD/4l
+rBl79z7SK7RUNapxiosr/1VVf2/fWHKqGmjbZscc/8Z8gbN8lzan/8siXtGxhpxt
+t/F3X0ag4cQGB7IvQ4eaEJN0yYmccgdjPvt1OkHFTywrg6MjSx5kTk6IjO3Ngcof
+te3VVcdGwOc3Q+HyG1Pb5N2VBL7iR2va+NyRIxtMSq+WVaC9YRgK8lhrkFM7zTS1
+S/80W6l3ZL0TaGxg2Ys8cbfVruefPLr8SHh+TEssij55/sebLPsqyP+aGXfYc5FJ
+VcFnYxp6FdKovODLEEjR97HaTo3z68jSHQWCDJDp1vYpjqdnTGCSwnL2isYeCcuj
+dLLKOAlbKu2aiP/+rZOmZfbxNK7dWnhg/Z7YC+dq5Mt/W+4EcaRvf5MYe3V7PGoL
+XURi5dewQD35PtxfT1Zj0KQHzZ9m81IE3s0zjTAHSVqwFXcue4Jwr9SZLEjKSUQF
+jMHoK2VwTFKu6UA6JS0gQwPwyHYfdOxAm0dEUTcJqrWOJHjHu2WNyqzI+sh9lP1P
+S4l0vsVwdyTCkWos0mVNlSiYq8fZ5/fcUcM4Tb4AJlvV1p1t+/dNNDgf/qWmMkQc
+hyLVCQi3zPFtbAFPDp+PVcninjkyjB7chyRGSp0aN6mFmnrDxjDg3zz7DWe3Q6PI
+790RF4EQY738+WcoKhpuJfcAArfQ2xgKr55VSs7glYkCOwQTAQIAJQIbAwYLCQgH
+AwIGFQgCCQoLBBYCAwECHgECF4AFAk6GeOUCGQEACgkQINBOWnE2YKdUxRAAq/kE
+aXw5mxp1GNUasudAKdXhtNOtbwGqQjC5lPuJMaiESpuf9NGBpm+1cUQiw6SjWtIZ
+B/n7QOEJpz1OI+FBLIf7wGtgRgl0YwfUYsU6JL0H/Yjl1Boh2L9ZJ/qd5cYOumy5
+yld3VknI1diLngz+MqSxGR5Vg/SP1J5q4NpiRAHM+IEgHwR1izn//iWAKuo+nqyM
+T0uWbSM/7cEH+jAqF1wF7jOrYFIXabSahvNls0mTLljn85kug0k7qitOYfYKcHY+
+Z8+I3YeLubKfiyjqhcPeCSEXBPsI+XJYzjpV9xaovOAAwvG/zswt1fShmqzZwc1n
+Z5CKDcWzQTResA9XYJ9aXrnrn2j/auQjvZYyjUjhlApcL7SRa6WWS+T4XjTRRZD0
+maZJkrXAerPER7Ms+c7qsUFDlrry1VA0VufMmUdFgtV3P8ovnBBUlIiiOTqjzcAt
+b9MYe2vzDmyUMU0AhChy8lWJZ6IbH9kcc8Wjjo4FpmNjvsh+RucpnwYnv1MO83Er
+CfPaLywBBv9dLZCVaiH82uVnsY91QGWyPou78doLZS6jNt4BspKnL+1VphQ+ZRVh
+guEsPDOyYpJvL5/fXcWZ7ASozKpLIxDVF9SXlGSPhR4NgjUlQV9CfMi55nfHiQZG
+F5FO/SdxlXsf1k82xZ0pD5sNejLQLvxPRCjWwCCIRgQQEQIABgUCToZ4eQAKCRDA
+xtmk8xGbmhJjAJ9YdwIYsa0q1i0kCLOWlXNTMRpXmACgivss4zsxTs+UsHKpNm2P
+e6t655OJAhwEEAECAAYFAk6KMDYACgkQvkvAx/ZRq3vafQ/+KgazXW7OCf1BMSGy
+sl9jZYIgWp9KP0SR6AG7WWEG8nHbfEaSrUyM4i1x4F2vAbsfqQLEkJSI+6z8L9rP
+7/vgWxC1Zx58txQnV+p4h3L5gLC5wTAgLFL54E5pr13KdeGE8Nn0ve49qITJZ278
+ZGkIqAir6MO+tDPR+/Oj6beh5dQT/N/otMrcSEzCoRN1QwcQltNduISXKpyMnpRO
+t9riz8aaJkY1dupxrn8Xr53GrphKEH8DLH9Pwe8PjBfKcOtY05OQTkOgq1wKCDMq
+rP6DMpffLvdHyPZ3otkyaMEx35gWIQ3mByckCB8OQlf9zM2vFBvgR7GpJ43dGcBS
+RmpjnzYCVFXohR+T0jfPU2qTDki5OpmyHlS6xinFtACw2sbUof2PkaZgLxS4AU4T
+Ju8M7lPM/RUL/yf+lOnfgl0y5CSPJOo0SxAIL+UORhlpxrw8uB9SPWn2+64Qvha+
+Mksp2/UU7hjFbYPywL+sE1a2LsX3s/lchJUmLvC42x6iYpcJqcOTSy6DHHRqU1Mc
+FcmEWQ9dmD6g1pdxBiv0riA6VlhYNgDik67sZC2dMaGLoCdoIWgFH1D96xV4ousg
+oF+jlV1xtxs+KCnjvEmTITBP/5o50UQ4sxcd6Br+I/6cGWL4mTe3IulxxN9yupSw
+TPLBu17W3ON4ZE8vv9vk5AziB+mJAhwEEAECAAYFAk6KL/oACgkQyx8mb86fmYF5
+qw/8CQi20QzdVxDL2WfMIo5J7AOrpKQhbDbmScURKW3AmH8BLI/tFP+FpZ2PwFMh
+9xWmtdr3zm/NKVYHP1BpCKNk2hiAQtWGAlzO8YYKAw1v0ZNNOjyOOpeA4XIBrwIK
+7lMi8NJlitWuJqavnPYnptpfNuvRl2JWTqd+MZp738aTOBXwz/6GqnWRaH47La1g
+DzXtK5nc7pB1p5BUelhAUZE+W0uBxZxBr3P66A7EEwfDtixsiWJK1p0LRtJwzPQu
+CQw9oxhTUIghutUZ5N507SySvYT7kLbm0pr6T+3AYgu5a7f13qBOd8JMLjIbd5vQ
+y0aTD9RNf9R+vNUErBOo009s2Mdh83DU87P3QzbeNd/nUrW57fwMVzLhaqhlX8nz
+eTS9Yv9+/6UkqouI+uMUaroEgBIt+VTSUR+MML28ii4CEJc+n9YgXWMEsvsSKv5C
+xQVM2TBlYYNJY73K99k3jG+maVI4uX25ZsYlmO+L/hSD/XM1ROrHfNUfyhHILUkI
+Vyx2nOApFYpTUPV7iyJCDnF0eImuX4e7gJ2JPNY1f5rPAeOJvRbJs/oStkTnfc+v
+ZDi3KOWxAIPaAjB1atFxWp+hxuxDHzhFMVgfnJ5cZDTgrBb3ftkE+0rdyHfLMM+g
+EnxbQIJ2r6S9KQZAJJC6kIXyPRi/49Wp7Eqfx/KZfnllhBWJAhwEEAECAAYFAk6K
+MMQACgkQjBrnPN6EHHdj1A//ahy751AcOwddYNooUAkvSUoOUkiDPH3gtToQ9Acv
+uda6ZuKw+v7+kV6JAICrjL2zVfo65lYDcsrepnHDaGS70kPA9A5CFoh7ba+KQyBS
+Zvdzc5MQlN1uwUNI8+BzCSlctdCaTQFtDVNr8iXQBVQVpMCoLw5+OEp6oC/dH2E+
+PhuYSJxpwMvTtLpNhV7K6kPY2nPPG33GSC0zQT2G7NeGqffKKlfPHprJfYtnKqCS
+vrfkvgOAJWTgJTBIBHuUMQxLVVMJtgY4dEiCS4/X9m+Xtor971pc+/FX1cVAEm27
+rEQSq+kn+lQsXCTINPx12wQf2HRSwgruvDQ0rVMgBwBAD7jTZYR2xfXw/DTqiYuL
+NVcLmZZ450kxvxBvUReTOPeCKqQC1N5eQSIqIEzIuN8AF51ddxdGXA6EZCy5CfGm
+Z89bSj8Hv9yXSTdQY5rrp0OpF05XE1c7U8dJUvUlEZLi7lLFvL5l1etoixFUeEnN
+td/dSkPK5tXj+ryDrnSn6Y8YNrj2gqt8ZVqLoi9ADQh6EwGe6AOWW2sJvVOwlAHs
+MVTz2+uLXNuM7pjT9N2W1AsR0KZeDGqEZ4H03c8/awidtnqAkaUV4eRRLAIYN3Vp
+TC0P8m4Rm89t72H1ZebzGrHGN1lMI+G3wVoEGsNKbuxCGo76xnBQWNU8Egn99jyJ
+VYeJAhwEEAECAAYFAk6KTm8ACgkQvaBghUk7rOTXDxAAun7VtPSqHqmWbjlZ6lAM
+HhoWFlpIETpa433WyA7FeruqshPEJlxQXXkgOyD/WXyZqVmh16pWZXdviJWuT0YE
+nnt2oNXfRwuyo8MJUuJfzubx7tYOwVFGMQ0U6anzRdiez5CWP8tw9hCOQIKDqJI3
+qMMCcqLOzvNS/Ho8iXULlJ+k8bD5yyZUzbsy4JimR3YPKWJi9rXpcpFiQGLeHGPN
+wvmUn/bW26KNHFBOlBVxUvkOSiZusT/xVEGfDCsu1BFsEF1Iigaa3IYZXNcMLVEy
+pfbc8GozoU2+T6/TQw8uPwXhJXzKUsk1OJacgJtVvQfJGWy0SXWrlBv46ZokFnVv
+fNjKgRhvYYmfojK/kJ0lE6Jm5PZOqmgmUabZXDjOIngODvJ2e2lcaxUu8MTNS/XY
+5gZQqv/8Q/5ptjeVB19OGjpWQ1hWyK53sDOzTMqA+5LzD+Lub8ETuFnkY3bW5VnB
+1B77uhskv4DKH5jsiOSAKik1rYOF0M06Pjumk7FTCB4bkwlzdsyjEzsyrOBjg8Ml
+ckmNmwI1vRonhriyqxuJNFyhE/OSLyXlSObRztHJsXII+Mui3eQ2M1mTpr6EZe5o
+Sy0Z/Yb1gX/tNZNZ0KEKBLUChTyKAYK0Kc6rKZsfN4laXZoZaQjbUpbTOJCRgbwJ
+nR/AHLo8fIcqMZdj0biHUmWJAhwEEAECAAYFAk6KQ/kACgkQTQotlCAJATJeTBAA
+5CaaZtuQgsJVXmPlwuk1Wqfjo7fsfgqM0miqQ7wiab1S9tcYVI+UGl7iotjsWG+A
+oS5XtbEBZ/wxCpX8Ram+PIsr0SkTdJarSPy+U+kTLKguygYwtuXft4gxnInA9cuZ
+dBbBbTh3i+YF2i289J0GErqYLbzlklLjstrjEjliWXI8FapvK+rqMUMvol6jerOJ
+DeULk1VTgcNITmbnel8EiGLNdCdwOz9KEzD1Nhl1NoXB61SAGciMl4ssezkVC7LX
+omaMWrp7RXfozrggGaiu28Gl2CW4yvJ7alR7nU/nyrtFqy3cIGTAD8UpZWd1AcYf
+dt1Hh3q45qyoIZg3+M3bsZis5X+0eiGFH550bw5SvkHeCzorQmNKSTWjalxYu7PK
+uJv5pk7Z9dZmFUTyvkGeBPYwNq/WDXNrBtpy9REPc4Z5jbOTpnSLC+qFVUWIl+a7
+0Tlw45uDp8lOWu/CD6pbpHTkxSxwHIM04K0fdoMFvzkmenOx98/FSuLnCYbJzV3g
+oANL6biHk1w5RhRb5LDeTtiHayMxEeBCkL/06PUA26OCoFbmq53PGlhKQnQxuiPt
+g9gwJYMkkiMUrW6p8s+xIwZKeXbjAFFParPYx7rFzjbD2VlzedzlUgN5g20izT5k
+l+/n1oUxggmWnO0cTuO5LBxKDdp21oqhhOvCY7vN2u6JAhwEEwECAAYFAk6KVo8A
+CgkQIx9wyqsxaFDoMg//ZOZXcgMIVBfFX2GLiFPfBclysUP/CWn6o7ZYeshhLWTY
+kIPxvLn7nPFHob83mX/iPXYnQWZggahWu148ysKmMvulYeNEwvcl85QULyJRNx3G
+H0PG3dfVavFxgOHeHBIGUlkLGcqHFjDM4HqaRAbQ2CkHk/Ds5NiHVT45/rIL+M3l
+A+leFxNQ2hl68nsRL2B54ml9/bQx1PhLuDTGT7EMxkgLMv9cspqpT/nIoT/3Nq7E
+IrN51PZDixpBcxalz3NXtkirAKLXI1XKlRDKrzL27PZiXZTRWZCbNdpf1kkjauD2
+RN9KOXT9izvbC6PrJM8/cikOCpYaWfRUe8yXAxqFP7NK7z+8vL6TFPRnBwF5DTNE
+oHdf+7jBbXwV01f/At6YtcBBvNDGOKZQE3lw6Bjqace/z1IIeYggq6ffq9h554O+
+0skye7NqViZh2y5Kd2TrYZksdhRgfRcMDJkvXj3rINcoaWf91u5Y51gFfHB/KiKn
+rTIn94bmLh7omcZjx5dde9IpZtk3i0REg+LoG2G85U409AoPHbnbhXwbmX/ROp1j
+dl02ewbLAo1GzX2E+NnaKoIgEI6yXpQgP/bDeTJrOq4B4FGHbLv0jdfDwgAcOz7D
+xrmsDbqivcKS8ncYSlEndnIE/X+RlKMCKGHcpht2dwpfxNzs6xqeJLtNwdkuVBmJ
+AhwEEwECAAYFAk6KVqcACgkQZrFaRl4fnslDchAAuFk3mX3Fs4ibFZKd/wOm+Rgq
+WwmwTxbu//5e6NVb6wi4Rh0T8zDVlNHxXKUuL5u1Ywnjee1JPxn1xHJRYh5Teb1z
+rZVD50NtF2QDzJdWnsCEp6zVkI791+pI3yd2oZOpaUU4jdjfvukExKl2y4HsR8RY
+7b0G5OxIHdOyEmS4wtKr1iaoCXzunMi1y4jukBxo/RsBuipizn7QbEkTnuL2tMpv
+oLbXJh6lIZ8pHcM0DIrlATGGB51k01+ChabSKWZhlObZG1vNWwi8/5uxHsUvULLE
+fqXeDPRimrX9gL+HbUkXqUq4kyXVbqXwdqD+hfETr1aWeal4NYYhwWU90x5171aD
+lw509mmQYeehpWY2Tm3VV+uY1BjYEym5bbTCWYxSS1vu1illFboZWyDUaOzarT/m
+TxaHm6qsMhcKj4bfAxfG6+t8cNHwYhbpNLmn1gA3J/HKPlHagavJQZcYK7qjkUwo
+UD1l2+KrK+qEskHXzRZ19CZehkO7+II5jghZlZGSi/T2OibOmyuPMYKo2Mx9dizg
+08aD+H+A/c6BBKLpZr6dAlJwLI6JpyEoxKsWfqhbT22ml5P9CydMFy07ZNrleX23
+Pp4aB6oEvI6806RTVi36pIrUTdtwpfHY9vVOQpbYDCagfX7EDusGIDguzOSycllg
+hAM0A5oMlDWWWAoqHLGJARwEEAECAAYFAk6KZssACgkQb4/yn8cykmFRLggAq0+u
++mbzSBMrGtrdo3AmYObe9QkfK/G4iNG4nrO+lbJUFGbbkWrmjF4TTPA78UCKsyqx
+uGq01R2SnMdHUlg7awOepA5u9WQiWxJJ0znqWgTK7mLXPVAuMmkV3HriAzoGNGez
+gYvGWW1NGc3jaw4snDBNx6yD1jVKmnECCLa8cks0GA6qy9bf3DQrASeuQWJ6L0yh
+sR2IiyZd1ppsLW6B531dNWlR44fm6nPl029OKw+bUxATfjeYpD11CU78UQ+fQimF
++8seXAb5J0zN4kWV3ldJBoks8q1e+6NQadTeKg1tioCVFDx8J/UAL4AEsIV+jUua
+JBufd+JpVcXsTUoVOrQgSnVuaW8gQyBIYW1hbm8gPGp1bmlvQHBvYm94LmNvbT6J
+AjgEEwECACIFAk6GeL4CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJECDQ
+TlpxNmCn6GMQAJ0V0jmyQ7Lvi5FBBgNTdY8qfVbLFxEUVAsKf2x9QxhsOcL2heQR
+Vkp10JKv4/VQLfDwr6Pv98FQchXlBmFiySAbVihUVC+VJ3FhyKBtI14RXT6Nkwd1
+8PXDvWXy2fKeiK9GPDWkufac0h/giz0T1xP7CHxDErQATMmYbkinyyM+xd1Nir6D
+UYcHJQIK2Dg2VPChkI0XXCQETLDbrC9fDwWg1vP36PQZ+nw/cIRt+2xkq8HHUzB7
+kOnXHqPt1kb/Ry8hZwPnfV7g/V0MogoMLtz233pqwuguLXP7zY3jTwAZZ9VTpuCT
+sdVWXJDlznMNurYi1yurCNuUvq/O/9JC8WBtdVUuvFZGjRZWfP24W57iq/qz8CV6
+dThq5r4WygE83tMC3DaarNJ4f9dQUA4KpL7j2EMXkgoXcEy1mieUCypdNiZj96hV
+8Q7apSLk2V4jtvLkJfzX053glqRJI35SX8OkSazZGYZHX6QfZlvznnrCF5x/xBzh
+bfr2Geo4rxL0BQsp2DQodqUCB23QzsPhWWffYtkATaD5vovGeQ9Acd1u72jH3DO8
+tVMH85jMO4f+oc0h3lnkPS4F33QqlnErRo/IRm6jCsI/NgMZUYdh0EY5Iiq/e8e+
+u8gdo0akkwHlNvR4KrYrK/1K4h+i+UBIbJDZpqT/iH+yhJRQ3CAan8KSiEYEEBEC
+AAYFAk6Gee0ACgkQwMbZpPMRm5olWwCeIfUIBkx+J5CWi8lLt/QiWJbmXTUAn34X
+sZP8NxiyYyw+BO8q/XSjOUk2iQIcBBABAgAGBQJOijA2AAoJEL5LwMf2Uat7pRwP
+/3cb2a04QUP+5NUS8sDULlEFZAUTQcnlKgiWFOVQwzASDespiXPL0sqw/A+yZKAG
+M176KjomyD6zBeLrtvIMWhWKUd8jvHtlQsXlgv36NBz6rmSnbQQ+TWK6QomMETsO
+VQ+ZfX+aR7EEy9WkaDgJiWtfigMISGyzZ/jITF3eiBJV1hXSKKn128iuhwNwg02T
+TCPoxECehy+lHr0u1MG20gcnaQdk1KCC75pIIb0VxWMqjiBgU2xZwWPzSMlDZgiU
+00YVFTR3746VeLw9ywb+JsqDplNJwES1P7EqCNASjzt/jWShLtDrryGgDivrWDRN
+hCjqBaukqxssdox2EXOYXNCtUcEvYtfPcYneLTa81MaRQ8cRYDdkcI/WGAv8vGaq
+NhC6nrmlJIyWi7Ql0VPV83inZxEnR5KLdPocoU7uPMpT2Omp0HL+arhU6+f8Cf4J
+M8v/MMpMwmh6IlCaJxjqkYev23yfMlnP5xM9MrHDsNmMSyIJ/VlPutszSJzAyXM1
+KRpxaJyPokegYl0YTptAONHOt4KJhgag7bkveK+RwDRs1BvK/KXIZSbDpnCCfE/L
+PARg80SKo+etZQkkZcHyPZEb9iZssp4Rm44NgfHBuWJ7QACkRXbThzaoba6ThwKl
+9oHRBi4+WEDymZf3aa0g7EWB3OjHfDVr3xp6QgmP1M8viQIcBBABAgAGBQJOii/6
+AAoJEMsfJm/On5mBr+sQAI3KA94kGfUqfpHjohh4ExBW/13GDa2sxmTNEMSTNtfF
+qlNqYuGbyBkCnDrQP2xBhJIVwo62pZgcPmBdRc4KYOexed1eesVijIJolz5hScMP
+aZO9yUCZvhQ1UkqmARuDJ6wzuAL8wIJoIAfFBknJFd945ztmxNrLWlWgWseUHcJv
+HIC54rFkNvJY0UbOJyRjNFjJ6VueQ7HSJKqagrUExAxVD5VUFxgyLZg91zWi2eYN
+f/uloLKBvd5PD6vCZcLmQUm7uyhWW6PQYUtUNq6/3y4NKOoGVWsB21e//cYzuXzP
+0wGQ+Cdso86I3HjL9TVO+ZUx0KBHdIXZfLyrNC6Kiz1f+69Qj7sutq7qhmqR1tcF
++cnKnMMtkxeI6v6+gsm9+0ZMZGFlhsfTzq/nChdR205wtMvWx654rpeJjPyzZXBW
+N+9A/Khqv9abLnAYKYVUwoVH1qhkkvWxk78WMc+YFjRpeDboum9RRVN8yG/ktsVx
+h59oh0qiiLLsQf3cXiPH8kUw9sKKWJ8UjM2UCi3o/6tjh+DlMPLQ4/CeRMlGr58h
+QXqePg1b8YCzNuOg0X6CF9YNVdW6lSRNjjDJSH1W56BAhBIW1xZVil5KamijkbGa
+Mbfj3kijPvfLf9n9KfuveU8z7PzTSuzhh/UzRYyoQh1qG9DBZp5KWJVljG4qFZ0o
+iQIcBBABAgAGBQJOijDEAAoJEIwa5zzehBx3Nj8QAKI4kYCz+z/DcBB/1uYEMC6P
+DlE5wSS/4RAVpDDyhXeTw2OR9N/Req60dO/anBD4MLkKaSDul9SSMgsFo3JM54Ke
+DqzoMDA12+rzdK3sH6pewWt5JYMQuhE0Y9T8VMq6FhUVPdcIEPBFdyIA7SYf8g+C
+UmWBvMxsT+krS4zttOm/B1kOJr5F15rZMAk83F9goUrys1GbAVggFbzWxrJbvXnc
+9va72V7rNklFDGwtNJ2lAqUU1Dqtva0vBSnOqPlP0UaC2Ad+rf26Wkvfh6YACEX2
+1NBvt9HfJKCMBx3lKbhDjhDjFcny9BvEEH5cmQGtFmjYy7SnyPE6V1ikzw9DIK/d
+tZyDR5jHZZeSotngq3f5eBUY0XQV7QYh27wYDSsRmBgPmuERhueX9bajMdtoDm4q
+PLq4aXxhWtTowvGjfk4GG4UBi9So8lWU1yZbFHp0yeerG1sZN/wMtgSVy4MzHrwD
+rQgGRJ3n4x3S/x8jS73NoJAbmrngIno7lUogwNg6uhMCNFpGCzGBLWMu1zY+oDFo
+BOAleNyLoYhAXiBGKL66qwfoWKwOeX/jUawbxcnzyGQBmnA8Z9djv6bxU3/sDp5l
+RvJ48TruHPol01lMUOMfalUL9H+IjEZmcpsToNadxbxuRLchFECeNSien/QD1XaT
+M4gm3xFCG8YpnHGPDo5viQIcBBABAgAGBQJOik5vAAoJEL2gYIVJO6zkkZ8P/2w+
+5xUoHYbYJ5P+2j07HUV6M7YtxZOb6vIHoWGCYSNWRKjFy5MeUhMW+JNU++W6MOt9
+Ru7MDUFzrHPKKjtg2eK2rVJ/29aavrl/ywIs4MMPF9P76vYsr2jzPgvsnlAp8VAK
+bhzZRB6pE+tBMz9OE0IqPNcrkbKM7KpuJulMOCeQF8QC6YsPI6vxI4QKteC3vHBk
+x8tT8QCvSMDyqk/jmYtuBABlfnzDtwRPabVHy40/KtHObr3Na4MXrZ4Y4/Xh1UMs
+eXblaA76YGRStJwP3VjEW+hqp9271VgxxG14c2jJ5mYTjBHgDGlpLHdFNi2ugmh9
+A1jSk3lR3qsTzigRdjRT2n6JwlARDTLiWzFGbFgd+8OTs+Qc0MwKygQ853t/GWqS
+00Ra4edNl1pnIC12QspQdzZ3axXB90sE6llnu2CjfLFLxn1qLH0cgEs3KFeWMPkY
+39cK7Eff7eTdji/3q8dsq0k5V65CKIDavS79vgSN25jltPv7CiC7YAJCuiMF0Eno
+YannyLvRvFsViBBzlEw/aPAN7tZ/SUUFcwtg8WGOKf0O6U1afqXKY7yQMFcVE7bZ
+IdH3joh1JZ3TPQoHWkLTQD0MLrpXekCctHNB1TvSVQPndE9HTit2OejcgZzPfv4q
+29Rc0RIAEMfqjwST8dAhNu1WPiqzpnEnxzKT3hhiiQIcBBABAgAGBQJOikP5AAoJ
+EE0KLZQgCQEy8jcP/jfkVp1XGIl5y2XTOVtCdRMd9UUmb4xAJ+R5/XruEn/hpxDh
+1UZQ/NzRsN2opKDaTRVe8zMZOVjmS8DUrMj5vGOoITNXZg5kbltJKb5qEKID5dV3
+H3s4C97ITrIa1CXPdGxSEwQzJumxPB3U8sJM9m+mbFuNdxQ9UyT+FDVuD3PUqmm5
+j/D9FZTkRu7+sb2U5Wwh432MaI8AlOOGBH2l6jkn/IkwddfzK/ZNg//pGZMVZ4wr
+juOGsvafZ2t3bCPHxByymEJvWW2y+nZPqO3Zhdj5xFbRYx/MuwbKfMP10bYBLf8K
+gu8y5/1RY8q7GJEFqakHDielkY8Q444wxfLIGGdLUmzwyHW9/btxKEfYKPEsZ0gQ
+/WDXc3aA5Zd/yaq69VPjtmSA9q74AKJBhdBki2RGv4lUVyp+bgifcVgUV6/ICB+D
+KjJzb9xico3E5QbH7exSXo56hBuvY9VapRAS1MMrOOcnxD6/PXyS4TTNAd6okJx9
+xbTDG8JQlQwJB95wMGHbbjioJKCulOKX+r0J+DLmpek1MoD4xe3cf6qMmvPuI54E
+F4vcofswTpb/lbMz1gdH5Yv7IY6uLf8tsj1XiVspvUQ15E2GKsrWBJo3D8n8Sxv6
+FuS7EPksXHSFDgERWoeEXBFr9W8DXOJ24zEl0sKAzAGsW18gzXP2gvzbMGAEiQIc
+BBMBAgAGBQJOilaPAAoJECMfcMqrMWhQHsgP/1qrkoPzPTgxQ3JK2KQaygp+JoN5
+WQxNPbgzh0u8BUu2KjD1Fx8gYF/PefD8BAjyKYObMGKnO2pJX6QypjscuAPuGTE/
+TLhN32i5TbrtGFV4fRjDz2iqPQg6diIGIDkQmxPflU0YVZVUjUQhR+jYW11qqKNR
+UJYm3s6FRx2D1t6HboSurEArU3s+s9oCP/KL/kUADhENKllv5QkyMmk93B6Ic7BN
+47D90eQt7Sf8QI8bqlqwR9WeQhfIqNL1/dz/KW/uIFBgmffymYbvB0YeFMbfETOA
+ySw3K10I0f2JMockRIEiaj5pRypV1wwjr1NabjLurSrxeSpvsKys8K0fQB2BLfb9
+NPYA9jhpbCZGrqL1yTQ4RRG8kd9RTad9lh39y1Ab2IK5zy4UZCZhUTYFQRFtTRgH
+4nW2noHRfdfqYxYwkrZLj88nVh8xMqZjJ93dXW/zwar4zovS+ccsdhAWsJVWypMb
+nYL0YDU2Na4y0tLvGTrop5xp8hlXGaC5ciREdFOivNWMCknSoInRtO74teB92xIi
+nrPR0Cvg3GLaiw1584b0jkNumUwvJMnFzf20vL8s7D+VUjGXR4tS5l8MAbwohNq1
+daaGcGNTUJ7KJwvMDEWS2QFroiJf/DgZHyvkmm0yW6hs/DhktuE7KvtfaliXxT/6
+eOnppMYm2g9MOf0yiQIcBBMBAgAGBQJOilanAAoJEGaxWkZeH57JahEQAM8e+vjN
+HNwIYBgAXiHuUiDjaRvAYJSOqvTqdwJr1jJ4gHpovqKCayboCwvT05Ul9X2ZkC26
+/umXN+eE93RR2cUYOSOkc62g7l1De/GKEl6Lk6pp5jhk97rTzQ5MD7qmuHBYFZNi
+AaSSuabRZLdaWMy7BlCMgP+jeULfBQXSoOjyu/TPDQP2XBcmt01vUoQGMPGBFgm6
++QTZdH9CKbgSGtjc4q/JsVx24oeDrqcUzCd9LLvNlOMIjFdS55ksmTmZLEnRL3a+
+v9Iwr2HfX0U1/ofGaIxUPiroC8QwNvHxtdIdCWJWIn3m0E8/BUGgIN/RRR8IDD6m
+VSW+gIio2gUMg3qDaRFVbOVE6WGBgt3Yl4uN4ArdTzh4wkc4sTMUeQKPTU8BKQcu
+p4gSmYpUYy4RPS7d+ZRVrzLol2eLhrLSU3KXG5ZR9cNTSD3aHiivw1cz0q9fcHpQ
+OHKbUybTiQmy48LfRHNrBRNxAQULZnRZpL5JtZhOwjYXl5DdLnJNnucFFRbYiLQc
+4i5dx4VJRZ0lwtWyCg8InIRTC9jNl0LK2FfPDDUKoDOiqBY3JO31UnswLPb2gxCB
+lDHwX/b3/iWkLQRqxV+kXd5F7rvTLyumFFNRgZaHnHOCrhxLBWtnqRnj7uPm0+4+
+yWe/wUo3PoMWkESPFkDfNxhGBOfBps16hK/SiQEcBBABAgAGBQJOimbLAAoJEG+P
+8p/HMpJh/s4IAJa/Fd6ATQ5dagjZHlcny1P1hLA+wucw94jXRnrLGoZWEbA6wuR8
+gpOpNhyXSiDeHkc0VRRCB63WJbNdg65E5oMsoqmgZx0wePOxVJCVxuYMWXKj/Wg3
+oxN08qL8cpKdXTi5ynWA5X0qt8pvEOmRbiom+YtTqgVOzq5lcHFgM649XegL0A+5
+6ULA2CsSCXhvsJUD9ZoSwsJP8oXRsUVEZjQsLEpL+2PQvDTq4gcHEq2CcHZbe1sI
+wIj99PI/PH+yuXIp0yF5Cn8cIG9/z+5SRmZDSr8x1ffMYeRli5HXPvSI/8j4h69i
+QAFVfW9F+lx9t0wfNESjCdesADusZaobRpy0H0p1bmlvIEMgSGFtYW5vIDxqY2hA
+Z29vZ2xlLmNvbT6JAjgEEwECACIFAk6GeNUCGwMGCwkIBwMCBhUIAgkKCwQWAgMB
+Ah4BAheAAAoJECDQTlpxNmCnhLIP/2yVDUiRirP5Vc+eYcJAWG6thwcPy3WIYGqJ
+fEj6CkDVjcvVAv5qPR+mVbgq4Q9snvGVh0sDgn4z2SCTC3cm5/D6UzWlAz21IHrb
+usBvFTJzOPgAWNn2/wamrJndc8N7w2Scj9XheWGyv57cAck+vfnldpwyQUZzdG3D
+Wq4VWCsQK213NQPrG2uHBhhUBgCcqvrn3jdS0wuxVeQkt+OrxzU1k4Ki/1LBJvQ3
+0iQSFLKKF3/3ZnY0fh34HVBMjJZqAvcY03wtdcQcr7H6gD+duEZsWDtuqHFRbh3Y
+lrEo/LhTed921KYxuLLXp5R8xtszK8HSO0t/pQWvEXlsmdiSIbXwNwtJpfsexvLw
+hXNlBkdi+THn7ukrZIGx16Tdu7em6c/d1YsmgzD5WabkGTRiXunHO+xhBaE9Xv62
+mCCVRIVC4h5cWvCNVc/xD4+H2c7S8ohp5NyfUhK6rZdqiqGQsf5nDUj+u5G2TYMl
+tmyDkEEZ8DboGRlYleU7qHfd6Y/CQnQVqeXNG0xOpn/hGJNe/kbUv+XKlfWKrp8X
+ZX5ZOHYmYQrJj7aXT/X1dEA19oOJhQugG8kR0JwhcttpFOqN6b7vRka8CIJoY7nZ
+i9SEGj5cKCO5yNyqHGIXfBzbiTOPVnJyvBsNrtWN+1kACk3TUInfyZcalleJZlTi
+GMnHjXAJiEYEEBECAAYFAk6Gee0ACgkQwMbZpPMRm5pp5QCfaR46cq4RrdRCk2lW
+v1jZBIlSzisAnAgKVV3U3btQGaXmRn7oDcHDUF8DiQIcBBABAgAGBQJOijA2AAoJ
+EL5LwMf2Uat7tIAQAM7PNzpPu4VGFA3h+KE2zOSYBtIFpuS97GNtPbFEHLueXl4d
+UjoLEFaB97GF0ccXDWu0J5+m+bsz2LD/BAWYvmOvxj4w8Y0c0P5KNOsOkyObRTkN
+CKm0Q/LzZbTpD4P9RosNSOMLiBeYV8llgNR8DXcnkw5TNssqHnOTte91vfRqIBDJ
+qB+a24o1PF6BsLZkVeEsR5FqaKWcAIJ8edfapOYyaDwkLT+XlVkhfzS1NgxRcNCX
+EySNhdelq0WtnCnKFWLDjZNll7IH8xon48fBo1qJldDldFIV7m2/GWDfe5DhoGux
+Y6JRnk8fuXOPIkZLlfQh1PpRn6vHl8pNJIzAnJ3NvLaUlxtvPV/zQyVHgIb96qpe
+BvlCY44QAjUAc4Iubf1Lv2Sdf0ckngg4eiT97UqFl9A8FPLYiVk3k7xt3Jt/cMHU
+bYC5hmel/8S8t3+iCO886I7Tcz+49V+MEiVo9/PPPLcDXb+tRY/hh8cWbSZOrkfc
+/xXRm8J2+LBPZCny9mpVoRwxSCdnhTk0OjTRY9uCUPbWB6FEcqYZEhgxSQhaG0el
+zE6nxbxiYNWXfFHYX/3HkzhfPh0SrPkuIBRSkVEXGZ4dypjcv8BV2251BtXkVdFA
+h6PmNNa0pjdcn1jfI8Xp0M9mWxkYItAGVIY3aVfg9xtWyouk3pGf5uGTp6triQIc
+BBABAgAGBQJOii/6AAoJEMsfJm/On5mBC48QAKpWGxIAjR1pVPw/CcYX66azidY2
+iTYAcFwFthtFqokvSfZj4Nz30dzMo5LCaOsmhxlUsJISmwvM5m5gurWM7edzwLn6
+bM+DELWyJJ3XQcKU5kNw1+un1PScAnkfsUsu6t++KXMtO//dkDD4B9WqeIbcSMLE
+GSlCYxz7Cik6gzMGPuERNWlQ5Plmos2HfzI5ATXzoUSr6YBcc0l67cD0lgeU8ICt
+nHeafcJ8gIUIR5o3JMljBG9YvAzubCpKp957hE23kj+tngAtlMCIM4jeR8AVE7Xk
+3fvlMD4vT1XoUCyHXCMKjmViCsnPlwVpZeYhUgBsLBA3NzFj4+XPKiAjZpaVCxXo
+6t6qTf0XS97BmlPLIPl6Q5+pfSw6PELxWLrgIcfEaX0Jnfv7zEayK+kQiWnBAXja
+UfvVPbN/W4o28XTt2zg40RvWpu0hYU+2YmsDJ5vCtiR7GJDoSegJKdIi89Vmjjxx
+325HMjCcp0GgMtF6EOvGUXgAK5Bg1zEfdLO37jEXIb+rHu2vR+f8FJD9t0mAJu6H
+7ZY0e5KJDyQMPDsiZumEfmboqDb3VTG9+35N6drtn20IafLKcNXokM3CC1/NHfj3
+b4K/6i8sUFc0c7fPXb42SSypRb/K5GlEcxRPRLGmraypvESmkQYLNIDCcfuXnru6
+q5xigN3rkJUWmEXpiQIcBBABAgAGBQJOijDEAAoJEIwa5zzehBx3FtsP/0BQozuW
+jBvk7OndhzIJdPc/QAVW5noFn1ZQ/zw6SzPBGiclMuuoEd+rdRP17IEqUOBQ3Y+1
+fFgQHxpHW7HdhwhoxlVfeoD5n0xgWkFAEReFHpJG03VlcXyKqx1eC4Bgqk8ao+d1
+RcbC1lbgiZHAB/MvACLG5nmPi5EqGy4UeXp3a80JtcQf5C2/acRz2t3y4uzph9QM
+fXclh+/av5C9Ce+ENjwmZJqWPx9wkf6VCLZcLIQY7OsWzXuaHZ7/dUzHOXBGYmsu
+sf0pdsVnli1XtMeH3OOLY1NtlOKzI3jR/rV2gfUjL9nvrOSTxNXJT5MfiaLXtvKv
+LOihXE5UnSEHGUPCkJBUrGwWuB+OgVnJtZp+YnLi19vmQ1vaOcqc5R3BpL+IWKgp
+TC6JoQeBCeqfkP5t6Ow6eAg6g5h6bHkqY6fFXl47wlkvKvMFdpsoqDuW4RJ+FhhZ
+8Y7bIdVgE2hagYxm60BdnqdRJMlBDTqx8n8Ne+z8OAgWlq+bdBYe9X17EPIOQmWR
+/OpzGo82mNtqTFnOAu94qmZhLbKYcVssCAw75wnEzlHQ2jm7H3UOmMtjlL4I3htG
+xs/M/5lotImPM3okfUtMrog2tHKEzfM/Pb/zdM8PGT+fDG+kMcnnuB2xE85Y1mi/
+XWAJcNlSGjaLpVihtS77P+fgp1uK2m18gWotiQIcBBABAgAGBQJOik5vAAoJEL2g
+YIVJO6zkAFAP/2+IUCHekKDQ9V+7+R8OD0UdKqTIvZ1IJS9Ipa0KJ9zJfScDjSbG
+Iy6MpxOUq/TH0bppdrTTlWjCRD+puVAi8yKZbQ75iFSl5fBP8eXQfSFSn4w+p6lV
+6toYZu4pvldmN/bH5LUFJOXiCw0ixTOQD58JyTRaAh3c0WZyqbYD3abPerUIhxKk
+1GMKOgt1pGLfjjMNyETF59IkDyvi15BxFuI87ukn1UU+Qayb2DYrCe+nDO1Jvgpl
+bUJturTiRZVMlHMMDi01KGlZWGCp1i4pbuISoUG9KWeKsJfpeqr0rg30u5w4xVgF
+G6Y53y4N+R91Y6IkFNTADMBmsg50V/EZBUGxMahEeFU0MRKuUY38FowVbmspoSOh
+jepFD1Zikh3WLCo30niHU4iK41CVnb/s6ZEORuSFZF4zzxGb8+IQW5LxSmEMCqyK
+ZkvMdKyUGOjGGce2Jlly9PK0izGS18ncUFcdqPaxDgQLf+Xt0gkKILSCZ0PRmf1l
+RgPceZK2k+x04QtyX6DLGN9+KL8lrU0IV/5IEA73nHTi5ujcUAwF89ZVBLIzpQd4
+cfEY2QkqZSbLzKKr+ewqLLq02S6uar1ahW6xISTpd4Rzy4kYis/x1WOwPWkM9lFl
+WioBKxP5KzxkU4Z+qcW7Xd/oycVcI8QL9czKfHb/gJJtSCwWEqyti/LtiQIcBBAB
+AgAGBQJOikP5AAoJEE0KLZQgCQEyISQP/0Jl1W3uY7blKbp13DBb3OrgerqAJlHW
+zyToGi2SY/vvO6BCTBAzyjBhanLClfdYq/AkLkom3UmyirfTcuO8UD/EobYCJ+aA
+8u/EGKaaIyaXVNyZMDtI9ngO4A9MWLzC8a6PNm9LizPom7LB6/ZXgpBCNUg7hxzZ
+HYy1Y7G7Nu4qnHgmsE4YRz3fgE/81lwzSXWqBmiQUmN5zt/5dPWcGxSs5m9CQebB
+7+anupqJYo7Sy1vwCaeWlu3zlnDPhrGZqXNkF3TIKnP9USk20vZvshfjs+3u+uxo
+sdl0Ou6kHIJd6Akf4+UsrNnwp39giVCuBddmyzsMjXtYsbRZwNLmqJDLm09DQPs3
+R1GPj6Rw01o9JCZSI3Sfprt84HDNj+HRuA88YmOisXp79ANlo6Emko/ws73+haq1
+drZb0uLINIjfiY5kXw0FfkVxE/5Zu/uc1XxJHwNtvvC+DpRk815KdtVGs1bUtvH2
+gCckQEagO4M4YX4TPLk8+qS6xpVVa0r/IUWNrX123OYUcE/ENXKtZk7XaHFmAlEn
+BA5A5l7XosxzLjMviN3VruuoowW7KyHneXyJ5tIhdrPMFV8otDmiJky7r0b5y5gs
+hlDHwH/rfTADOyHH7cD858JuUtyklSMFeZcopR/1KYQKqcR6hulLjOeVj5Oy7hic
+IU4ZNIGF53jkiQIcBBMBAgAGBQJOilaPAAoJECMfcMqrMWhQ8jwQAIyVYWu5Oks6
+30FZlX0k4J18fwmjmYUl108sg01qCIt7sWXEyMFwmruxiYzmCN6IIAFFKQEMF3NV
+yxJwbna+aCH/rRr0R9UUzjzgFgJV8twi8sStQc/FKl+HGPfreBN3/77WuMP9N0fA
+5OIb3uGc10cmm0PIP2RLMTAyHGcyGxXszKm+ERPTderN/1tLd0G5k7tV3L0W0zzx
+hHwQQzF7Mu7d2wGzJhebRN8NbHgBFpjNIa/LAkUKLdmaMbt9RuvCP6+9WvcWSVLl
+tpW5bTWRUGHSeYvvK759fHoz8TI6uiDO18X7PY3dz6l5YFeP5QO3cSqcc38aiaz5
+H4CsR8UqUQrxOAnhkbJJPUhXvBrv8pwRv6sukPK3FJkHk441zRxrWnXgE262SO9F
+CkfReL1BZM+fslUZbzAP2F2KdFz4ugfv8JFsS+RRKBRM31whDRwxAYx4KpWexXFH
+tkZbcbZGLcAKxci39qTMJ0jf6E5rbnIZbot2I+3d4KGqczITTV+mevhbLqoCtF0m
+/Wu0j4vFk/8dzPm9kvkOBeqNEalyz2obmmotvadhTzX4W6XrD47mAZn8db6UNIW5
+f+yhiE7aBKBScz1DFqjOcx2H86S+sGY4oRsOL1NZBWPBGZtqjPxFnpN4ZtpTA+fz
+nEhlkCMmftUnvN6xyYlVq/Fc1+In2tdfiQIcBBMBAgAGBQJOilanAAoJEGaxWkZe
+H57JrwIP/3Wi7G7Y95HjeXQ9VrD+Ji6A9jNRaCmq2EzxjB0wLOUl36qzUlBxwcaN
+7ZQmrgI2h6uj0StlOe+lJuzxvOs8j+FsX+GvS5o3wDb8EEYGRFvVXdhWf2PHjqvP
+7nQEX5GxaHfo090fxDFmOzIQSYXm5m3QBMSRCNJvmFjsJ8CAq8sNSgOodVIoatOz
+b4JM1pSjcdu/j/0l8ktcsB7SGeMm3D3+jpOrh41iNb/fzEKHJWKMxGqK2p0dVKxl
+iwSXGmUfUMZlcicxAsfSeZzQs0ih7b9ulheyopx4iHYlz2ivVxZ3KSGkyzFI6yCC
+xJXfJ1qhlO/q7/3IEWE2C6Vrkm4gUSAR/skqHSky+6fkGqyTkE6HO+WphDVgZuyG
+/Fdi45+oBY/bLiZPnFWe756liQzda0TOJu+lFU0/YaF4hqwlljQEkkm0Vs4bj5xd
+CHjtq4jygU7Lc4Zm6V8I4TuVNcgyhfheB4yK+3YrArfw7IcX3ptnPOFCslMfR252
+ArSeEeHRpTar4UGH/P/RF+OjbrOZd/UwxyjdQAqQf+dXjp4oKsZJ+SYMV2MqsXzq
+uU5NBXb2ykQOW+UCcBZp8et9HfVYQFzLlqrBrr219j5OhtpSDE6C6Qhsw9FKQc3h
+Pp2KzIQKyWSOQ6W6B5cKdbCea8HnqAb0rTk24UoMj9SjQd4xaS02iQEcBBABAgAG
+BQJOimbLAAoJEG+P8p/HMpJhxCEIALGSwNfNGitvAHBF0apo5SsbGCrqIXMafoko
+belD1YdfmEieDEmith587PSkTQdujVdPvgP3oSTwPoeu0c6nhA/IT5ipHX1hdLw8
+YefXdfRXnPpz6PRggfB+llDGURUXXWi5DDEeAZVcl7x2MwbhfDSkHoJI7Aj9HQ41
+ZDVOFnsxQ0t9fTpN66M7+6Wu4qHe+bg5GzJyIG1wVj7R6tGLA8sa7pMkiQqVK7ix
+jcmga2Op/JMzTJ31qmIaSPANoL3fVKIQUT/Y/6D7XALt7VQuhObLK/ZGkvVOCSiE
+aIQDo5pLfg2DGgf4j6rFZ8M2fvIHRpWo+gzo6bKOmbvnGo1MW525Ag0ETolKOQEQ
+APJeT06GqZitCBwaWOaIYnud2XMy1eaI1imVzbJlWDbkgQSqcAulR9l/OfXVXefR
+4oAGLEtU2wwlDRgtWzNLYSfWPdn2tVp5RKsmEGQ5ieK7dvNw09hpq5J4Olz476/D
+2Xhyrb8O7i8sH3ZuMdFqxqx9+INewS/Nrv+5NCVDoCaD7pSJDvTJbN+VCUmP2cJN
+RHZDOIRypqiRSIlvw5T2IdE4+cfUrpJNAEx/0f0HbaY78CSWcqYeoDIW4mAfhvp0
+f1mcvbwfmxcDz2mtBLnQA6CGfS5EM1P+eSqjZyh/XT6j1VhDgWVWbz6okYskbn3z
+CCdLfZrb3P467ktaok2XSaMtr5eiuFKnPobr5R3ggmEdJRgngwfiMbs/cXdmXVMT
+IMIHDYkDglu9GFrcX9CxdrHkiXSyLRwwTrv393KisDRlL3At3f/alW9MD0iNZqtf
+EtNjBnLw8krIxrV+6OJLo1KhNmTQlujkSyVAusxGLt00TVq13kt7gD9tcVKxD5Lk
+4iS+0gktdhWCbeWoMeTSFCiO25CFGy24roQuM+OzBWo1vWOY1EJPOnZO24xqla12
+CLvdg4cXNgjQ9n1mjKWEYcLx0eikFNcmB2JBlZTB4qMzOQ/uHQkUVSPMd6f/sqRQ
+WZma+8k6b/6g9DfBx5djQGLxkUHc48hUDlxEcGl7s4wpABEBAAGJBEQEGAECAA8C
+GwIFAlQfYz4FCQd3TGgCKcFdIAQZAQIABgUCTolKOQAKCRCwteiGlq/my6SlEADL
+AJoqajQcfvvI2Sqiuacq1EGvPyO3Hrx7/+mr8DIKuCEpSH3WIsZiOLf8TWpB7uns
+17tYCfe4VmzbbOs0ogMbG0wwJBMLQ17gEC8yHU3PDPMEILKKuzVxwuPmAqSgWQp9
+OjlTk1Y3Odg8zy6JvW5jm91Gogna8nsknKQ11xbmh3jZO1aw7EfbNOnhJE2ZfxA9
+pFt87E92UqxunR4g7qST4vHqAS9YC0R1rnFJ3U/DIrtJ8Zp1Ob7xHDlR4/WRG24p
+A+buxEEHRyhcNUekWL+cxYfNXG/80qEsCTMhsY5XqsvyKFWFcaoSCIPlD5B1to2y
+Iu0ejmeIHOlufO9KikFhw5+2uFw80NjRFhdhv/kllSJ38kFYrBX7NEQSduC2xgNv
+AUQOcJUgbJcCjHJqz9LdvXiLNq2qAg3GJi7GkNj7DU7lHLCM5N0s9RaUvliEfVb+
+DBt3IaIviyHS/9/M3LS8pHnM+3WEgIQD1i8IjuTdvvg7p6IMHl8whE+Q2vq5tlZ7
+RPrHh4vYSNIVFcgSZuacCH3el2lYWtcf5J/UsqEFnOiOBSxBT+vMHZH3hLtXHRn6
+3OANnx8l7jtlQR/MlxzLIa979ACwsuBNZHBE/cxJrWsLjC5a0MMyT92vD0KmZ4V5
+EWfSgMgGj+baYG/5Q0DFJ2KNETO89GLBE6Zr9FrBVwkQINBOWnE2YKe+LA/+KwRD
+8gJO3JlrckdFw2aUBE2NEsOza+GhK3U3UOwJZ7RzHJ/jFkSaWue0v3mthZeklmeF
+9PVVfx9dZVp2M8NCJEkQ7AwE8TIp/qqcunOyMMWfUUNVE/T4ZlQc+6267Jdx547/
+lhvT3DAnZRTjGS+FQtk0BK9IQUl1oVepgyNK3cLlLvqKvOLNXJHuYP3uU46BrqU8
+ZGjTv8nwyTH/t3asBpiQypdt3XyoPl2xYd2Pxt9tfwuRoL6rY2gqKswrkwwchG1V
+wXXu5hQecUIPHow4BX7qHMOe8IXTXEtzJRjzvz9OpwfeNEBC48KeTt+JjHFZ9Kp8
+oYGoqLnlVuas7nBGvlH825GIYp5WHW8pY8KriZaiEnCzzS9MbczlqNaFhy5e41ZJ
+UbkR1xaegLKmp/zKLy5WE3ATuDsDif6yCQTh5DHi7v75RCHqguieb7g/mz+F1KR2
+psTlPFOkVVQyB+HHJIRFN81g08Gg/0UxvE2rScxpozTjkdOIpm6hQKVOzTlEOPPF
+jah9dWnmaAzqF1ihL1nxOwoP30z9CWR9x2lvS1pY1q7evBQsri7bxlXjcox8ODWa
+vPW26p4SgQF9S0t6Zf/p3w/FseLJXaPEYZTkIFELvmSebALni653dQJlhBF72Qxc
+mal7K7p+HI72Vw5shRYbmhlYrNUM0yLpmKVLprw=
+=K5VA
 -----END PGP PUBLIC KEY BLOCK-----

print-failed-test-output

@@ -1,26 +0,0 @@
-#!/bin/bash
-
-shopt -s failglob
-
-# Print output from failing tests
-printf -v sep "%0.s-" {1..80}
-for exit_file in t/test-results/*.exit; do
-    [ "$(< "$exit_file")" -eq 0 ] && continue
-    out_file="${exit_file%exit}out"
-    printf '\n%s\n%s\n%s\n' "$sep" "$out_file" "$sep"
-    cat "$out_file"
-done
-
-# tar up test-results & $testdir, then print base64 encoded output
-#
-# copy $testdir contents to test-results to avoid absolute paths with tar
-cp -a $testdir/* t/test-results/
-begin='-----BEGIN BASE64 MESSAGE-----'
-end='-----END BASE64 MESSAGE-----'
-printf '\n%s\n' 'test-results and trash directory output follows; decode via:'
-printf '%s\n' "sed -n '/^${begin}$/,/^${end}$/{/^${begin}$/!{/^${end}$/!p}}' build.log | base64 -d >output.tar.zst"
-printf '%s\n' "$begin"
-tar -C t -cf - test-results/ | zstdmt -17 | base64
-printf '%s\n' "$end"
-
-exit 1

sources

@@ -1,2 +1,6 @@
-SHA512 (git-2.52.0.tar.xz) = 965e5ebb72d1f080d64e34bdb75f0bb1689c9dd41dcf63b020d986bad49808ac09bfb1115962bc0c5b95bac8622367ac4cd09aa89266f73d2137fe94c90dd3ed
-SHA512 (git-2.52.0.tar.sign) = a5a68ce131a5763650c477ec01a4de958dd6a946bdea0f613e26bdab41d2df6b3ca63f9028bbe603bf0c834bd415c86e6c616b1ff08cc48aa7c3c61a37b24b74
+SHA512 (git-2.9.5.tar.xz) = 5a3f62b9640a477bfd1a299f365ddb36c69ce5fb92ecf3ba7176686836a3057de7c74078b46526abd7bee0204c49e36bbd7d77d4c2f69c6524eca592ab6c365d
+SHA512 (git-2.9.5.tar.sign) = ae799e503c9648fffd9c18ce7bf826f8e28cec2bce196f67275f49eeba3c250457c2a4aa8316079e43f06a6374bbc2c3cc196555f58452aecef8be8727b2edcd
+SHA512 (git-htmldocs-2.9.5.tar.xz) = 8ac48cc1bd9635ede960fb2dc5e18590fa0c743e0892e754cade2b5b2833a24f463059f2992e74a281b5ae3ff48309187d06f2e546676ceb3c38cf5ef32fb555
+SHA512 (git-htmldocs-2.9.5.tar.sign) = 9239fda9b02adf4232048d259fe133cf67999836e3bb9ea76e96b18721916af5b22b375afbd857cfbb49dbafd9a9b8e1a02b0e53d21ecf04f2e5831a6b9fcdea
+SHA512 (git-manpages-2.9.5.tar.xz) = e4daa7b481c1e14da76dac04348843240c9ece80123f6e6e10835d74737605c03ca07c60b90b94f59ba5fc91b2608115db632f3636a6eec6c95df682191ea9fb
+SHA512 (git-manpages-2.9.5.tar.sign) = 48f9395ea09200275fe9836f27bfea1672151b351ae79a6554d9817d72e97d0db8d4656079bd1af3eeb2fda2c1d7e0ec9ce3f16b0fc3dda659cfd6fc836c6495