Rebase to v2.48.0 (git-for-windows#5361)

<details><summary>Range-diff relative to -rc2</summary>


* 1: 8c8a207 = 1: bbc14d7 t9350: point out that refs are not
updated correctly
* 2: 25fb032 = 2: b5fe0f6 transport-helper: add trailing --
* 3: dca2663 = 3: c74f47b remote-helper: check helper status
after import/export
* 6: f6f9f1c = 4: 6166ef7 gitk(Windows): avoid inadvertently
calling executables in the worktree
* 7: 47dc063 = 5: dd17fae Always auto-gc after calling a
fast-import transport
* 10: c0d09b9 = 6: a1108cf mingw: include the Python parts in
the build
* 11: d55d5e5 = 7: a60cef9 win32/pthread: avoid name clashes
with winpthread
* 12: 72f78bd = 8: 3eaa1ce git-compat-util: avoid redeclaring
_DEFAULT_SOURCE
* 13: f7e4509 = 9: 461207c Import the source code of mimalloc
v2.1.2
* 14: 0c0209d = 10: dfda515 mimalloc: adjust for building
inside Git
* 15: a27ec22 = 11: 1499dbd mimalloc: offer a build-time
option to enable it
* 4: b536507 = 12: ec0016c mingw: demonstrate a problem with
certain absolute paths
* 5: 90288be = 13: c2b8b3d clean: do not traverse mount points
* 16: 2524a04 = 14: 080c851 mimalloc: use "weak" random seed
when statically linked
* 8: 2dcf725 = 15: e75cb3b mingw: allow absolute paths without
drive prefix
* 9: 00dad35 = 16: 64e8496 clean: remove mount points when
possible
* 17:  b866815 =  17:  11ebfb3 mingw: use mimalloc
* 18: 5dcfd01 = 18: 6b608e8 transport: optionally disable
side-band-64k
* 23:  0dd5d94 =  19:  0cb219f mingw: ensure valid CTYPE
* 24: bf75da6 = 20: 0bc4c90 mingw: demonstrate a `git add`
issue with NTFS junctions
* 26: 07676d9 = 21: 345d8dd mingw: allow `git.exe` to be used
instead of the "Git wrapper"
* 27: 6c91598 = 22: 13709f0 strbuf_realpath(): use
platform-dependent API if available
* 29: fe6fb0e = 23: 3db90c3 mingw: ignore HOMEDRIVE/HOMEPATH
if it points to Windows' system directory
* 30: 058aad7 = 24: acc5a14 http: use new "best effort"
strategy for Secure Channel revoke checking
* 20: 6d49ea6 = 25: d7476fc mingw: do resolve symlinks in
`getcwd()`
* 21: 09d7dec = 26: 2b6f291 mingw: fix fatal error working on
mapped network drives on Windows
* 31: 6c2313d = 27: d919252 clink.pl: fix MSVC compile script
to handle libcurl-d.lib
* 32: 7231ff0 = 28: 132f431 mingw: implement a
platform-specific `strbuf_realpath()`
* 22: d2efb3e = 29: ccdb636 vcxproj: unclash project
directories with build outputs
* 25: 6a67ad3 = 30: c532ef3 t5505/t5516: allow running without
`.git/branches/` in the templates
* 28: f79ee51 = 31: adfc048 t5505/t5516: fix white-space
around redirectors
* 33: 432f101 = 32: ca53503 t3701: verify that we can add
*lots* of files interactively
* 34: ebd57fe = 33: c3d5ebc git add -i: handle CR/LF line
endings in the interactive input
* 45: a17f9f8 = 34: 201c0e8 commit: accept "scissors" with
CR/LF line endings
* 46:  9874912 =  35:  ae133a0 t0014: fix indentation
* 47: 4a85fd1 = 36: ac73ea4 git-gui: accommodate for
intent-to-add files
* 35: 5cc86b2 = 37: 77283d0 clink.pl: fix libexpatd.lib link
error when using MSVC
* 36: 1430754 = 38: 4bff95d Makefile: clean up .ilk files when
MSVC=1
* 37: 5c8e388 = 39: db01c40 vcbuild: add support for compiling
Windows resource files
* 38: e18b12c = 40: 8f5ad65 config.mak.uname: add git.rc to
MSVC builds
* 39: b442bcd = 41: 3e47c79 clink.pl: ignore
no-stack-protector arg on MSVC=1 builds
* 40: bfd7b0f = 42: b59e4b9 clink.pl: move default linker
options for MSVC=1 builds
* 41: fbce80f = 43: 49cf4b6 buildsystems: remove duplicate
clause
* 48: 6612874 = 44: 81ee80b vcpkg_install: detect lack of Git
* 42: 03f535e = 45: adb7867 vcxproj: handle resource files,
too
* 49: 75993b4 = 46: e3729ad vcpkg_install: add comment
regarding slow network connections
* 43: 5016af7 = 47: 69d15a3 vcxproj: ignore
-fno-stack-protector and -fno-common
* 50: e96a349 = 48: 79bb88c vcxproj: support building
Windows/ARM64 binaries
* 44: 6f462b5 = 49: f1b2fd6 vcxproj: handle GUI programs, too
* 51: 0559b8f = 50: ff822c6 vcbuild: install ARM64
dependencies when building ARM64 binaries
* 57:  5663ad4 =  51:  f45352c cmake: install headless-git.
* 52: 358ba6b = 52: 6e69568 vcbuild: add an option to install
individual 'features'
* 53: 7b33166 = 53: b3ab8b7 cmake: allow building for
Windows/ARM64
* 54: 15e901f = 54: d765597 ci(vs-build) also build
Windows/ARM64 artifacts
* 55: 040847f = 55: f8c6875 Add schannel to curl installation
* 56: 1cd5f8b = 56: c80d4f9 cmake(): allow setting HOST_CPU
for cross-compilation
* 64: 95727ac = 57: 3aeb23b CMake: default Visual Studio
generator has changed
* 68: beea9e1 = 58: c20c6ee subtree: update `contrib/subtree`
`test` target
* 66: 127faab = 59: 1033d6f .gitignore: add Visual Studio
CMakeSetting.json file
* 58: 6704142 = 60: 1e95a2f mingw: allow for longer paths in
`parse_interpreter()`
* 59: 296b420 = 61: 48c6336 compat/vcbuild: document preferred
way to build in Visual Studio
* 60: 8a42909 = 62: 921f35c http: optionally send SSL client
certificate
* 71: 3e7da28 = 63: 1fcbe5c ci: run `contrib/subtree` tests in
CI builds
* 61: 10a5c81 = 64: 6183d2d hash-object: demonstrate a
>4GB/LLP64 problem
* 62: 3bef351 = 65: 23fe600 write_object_file_literally(): use
size_t
* 63: 2c008c5 = 66: c22d98b object-file.c: use size_t for
header lengths
* 65: c35308a = 67: 4f197bd hash algorithms: use size_t for
section lengths
* 67: 3d25b0e = 68: c4551e7 hash-object --stdin: verify that
it works with >4GB/LLP64
* 69: fafa720 = 69: 40431da CMakeLists: add default
"x64-windows" arch for Visual Studio
* 70: 11b2ac6 = 70: ce0d0a9 hash-object: add another
>4GB/LLP64 test case
* 82: 4cd9933 = 71: b045dfa setup: properly use "%(prefix)/"
when in WSL
* 72: 1bb4d11 = 72: 86670c8 CMake: show Win32 and
Generator_platform build-option values
* 73: fff28fc = 73: d13b2b6 init: do parse _all_ core.*
settings early
* 74: 1a67a18 = 74: 1961e70 hash-object: add a >4GB/LLP64 test
case using filtered input
* 85: bffde5d = 75: 307bb05 compat/mingw.c: do not warn when
failing to get owner
* 75: 820a555 = 76: 7324a35 vcxproj: allow building with
`NO_PERL` again
* 76:  66d8ef5 =  77:  348fae0 vcxproj: require C11
* 77: 5c867e7 = 78: 102e426 vcxproj: ignore the `-pedantic`
option
* 78: 777ec58 = 79: 32973aa vcxproj: include reftable when
committing `.vcxproj` files
* 79: 0aa5472 = 80: 60299ef vcxproj: handle libreftable_test,
too
* 80: af26bf7 = 81: a69adf6 vcxproj: avoid escaping double
quotes in the defines
* 81: 9331662 = 82: 331afd2 ci: adjust Azure Pipeline for
`runs_on_pool`
* 84: eddaab6 = 83: d4d7862 ci: stop linking the `prove` cache
* 83: 0ff2c12 = 84: cadcb6d Add config option
`windows.appendAtomically`
* 89: 814d99a = 85: b4b814e ci: reinstate Azure Pipelines
support
* 86: e8fdcc3 = 86: c71eeba mingw: $env:TERM="xterm-256color"
for newer OSes
* 87: beb405d = 87: 404e0aa winansi: check result and Buffer
before using Name
* 88: 02c0dca = 88: 3f98d13 mingw: change
core.fsyncObjectFiles = 1 by default
* 90: 876eee2 = 89: ebc3f7b azure-pipeline: drop the
`GETTEXT_POISON` job
* 91: 136ed6b = 90: 3ec9280 azure-pipeline: stop hard-coding
`apt-get` calls
* 92: 3d2e22c = 91: 209f633 azure-pipeline: drop the code to
write to/read from a file share
* 93: 12b65ef = 92: ac9ce7c azure-pipeline: use partial
clone/parallel checkout to initialize minimal-sdk
* 94: e08e05b = 93: a671d41 azure-pipeline: downcase the job
name of the `Linux32` job
* 95: e3fa52e = 94: 231a570 bswap.h: add support for built-in
bswap functions
* 96: 01e8056 = 95: a4cc607 MinGW: link as terminal server
aware
* 97: 7acf493 = 96: 7e22815 azure-pipeline: run
static-analysis on jammy
* 98:  7423fab =  97:  4c4a0d5 Fix Windows version resources
* 99: 3a39c43 = 98: e80721d config.mak.uname: add support for
clangarm64
* 100: bd79a1d = 99: 12dfa68 status: fix for old-style
submodules with commondir
* 101: 222abf9 = 100: d9aa4c7 windows: skip linking
`git-<command>` for built-ins
* 102: 2f6d027 = 101: 58f6351 http: optionally load libcurl
lazily
* 103: 1440baa = 102: 6f3580c http: support lazy-loading
libcurl also on Windows
* 104: 09a6270 = 103: 5c064c2 http: when loading libcurl
lazily, allow for multiple SSL backends
* 105: 8631bd2 = 104: f3cd3ed windows: fix Repository>Explore
Working Copy
* 106: f89dc53 = 105: a8bd077 mingw: do load libcurl
dynamically by default
* 107: 48cc7ed = 106: 0959164 Add a GitHub workflow to verify
that Git/Scalar work in Nano Server
* 108: 5079c01 = 107: 171878e mingw: suggest
`windows.appendAtomically` in more cases
* 109: 526958a = 108: a3742f4 win32: use native ANSI sequence
processing, if possible
* 110:  8d4b504 = 109:  5264077 git.rc: include winuser.h
* 113: 659c640 = 110: 4d9ebe3 ci: work around a problem with
HTTP/2 vs libcurl v8.10.0
* 114: 1de9cad = 111: ef1206c pack-objects: add
--full-name-hash option
* 115: ed17b4f = 112: a79d35a repack: test --full-name-hash
option
* 116: 0990abf = 113: 8da7363 pack-objects: add
GIT_TEST_FULL_NAME_HASH
* 117: acfc334 = 114: 9b1f343 git-repack: update usage to
match docs
* 111: 5a7a5ba = 115: dbd4e4a common-main.c: fflush stdout
buffer upon exit
* 112: 7c23b9e = 116: 7b12c55 t5601/t7406(mingw): do run tests
with symlink support
* 121: d433451 = 117: 43ad970 win32: ensure that
`localtime_r()` is declared even in i686 builds
* 122: c12070c = 118: fd55ede Fallback to AppData if
XDG_CONFIG_HOME is unset
* 123: 5e1a683 = 119: f08d175 run-command: be helpful with Git
LFS fails on Windows 7
* 118: 33f3064 = 120: fe91a8a p5313: add size comparison test
* 119: 9fb1426 = 121: 9e9b294 test-tool: add helper for
name-hash values
* 120: 131c260 = 122: 36064b6 repack/pack-objects: mark
`--full-name-hash` as experimental
* 124: 74ce00b = 123: 98030c3 path-walk: introduce an object
walk by path
* 125: a2cf338 = 124: 4534fc6 t6601: add helper for testing
path-walk API
* 126: e34dc72 = 125: 048428a path-walk: allow consumer to
specify object types
* 127:  0e42bfa = 126:  a3d393b path-walk: allow visiting tags
* 128: 63fa634 = 127: e35f96d revision: create
mark_trees_uninteresting_dense()
* 129: e545bee = 128: ee8deef path-walk: add
prune_all_uninteresting option
* 130: d90b21c = 129: f997fc8 pack-objects: extract
should_attempt_deltas()
* 131: 159547f = 130: 7075c09 pack-objects: add --path-walk
option
* 132: fc70c9f = 131: 2d88d3f pack-objects: introduce
GIT_TEST_PACK_PATH_WALK
* 133:  34e991a = 132:  1d621e1 repack: add --path-walk option
* 134: 557e23b = 133: 91c1e93 pack-objects: enable --path-walk
via config
* 135: b1d9661 = 134: 14f998c scalar: enable path-walk during
push via config
* 136: 7b59e6c = 135: 4bad79d pack-objects: refactor path-walk
delta phase
* 137: a7681ff = 136: 0603e43 pack-objects: thread the
path-based compression
* 138: 9ed9a44 = 137: 23ae924 path-walk API: avoid adding a
root tree more than once
* 140: 5de5395 = 138: 58eb7f1 backfill: add builtin
boilerplate
* 141: ec146ba = 139: ebd1692 backfill: basic functionality
and tests
* 142: dc94934 = 140: 6bbc831 backfill: add --batch-size=<n>
option
* 143:  35b7e38 = 141:  4f329aa backfill: add --sparse option
* 144: 2264e15 = 142: 5126f20 backfill: assume --sparse when
sparse-checkout is enabled
* 145: a86d017 = 143: d0bd4c0 backfill: mark it as
experimental
* 146: c6b7ce0 = 144: 2787935 survey: stub in new experimental
'git-survey' command
* 147: 7d894d8 = 145: 81a04f4 survey: add command line opts to
select references
* 148: 0d8393e = 146: 3ee79f0 survey: start pretty printing
data in table form
* 149: db19259 = 147: 2f3acdf survey: add object count summary
* 150: 4019c90 = 148: ea53fbb survey: summarize total sizes by
object type
* 151: 1edff6d = 149: e073a42 survey: show progress during
object walk
* 152: e65957e = 150: 2c1b163 survey: add ability to track
prioritized lists
* 153: fc9fb68 = 151: 64b2ec2 survey: add report of "largest"
paths
* 154: 5c03374 = 152: 59481d1 survey: add --top=<N> option and
config
* 155: c1267cc = 153: 31789fd survey: clearly note the
experimental nature in the output
* 156: 084fec0 = 154: c847baa path-walk: improve path-walk
speed with many tags
* 19: 22ca7af = 155: 5c96513 mingw: make sure `errno` is set
correctly when socket operations fail
* 139: 1350d79 (upstream: d02c37c) < -: ------------
t-reftable-basics: stop assuming that `malloc` is not a constant
* 271: af9a2b6 = 156: 78e72dc compat/mingw: handle WSA errors
in strerror
* 272: 0cf45c8 ! 157: fd6b18f compat/mingw: drop outdated
comment

   ``````diff
   @@ Metadata
     ## Commit message ##
        compat/mingw: drop outdated comment
    
- The part about keeping the original error number hasn't been accurate
since
- commit c11f75c (mingw: make sure errno is set correctly when socket
- operations fail, 2019-11-25) and the part about strerror() not knowing
   -    about these errors is untrue since the previous commit.
+ This comment has been true for the longest time; The combination of
the
+ two preceding commits made it incorrect, so let's drop that comment.
    
        Signed-off-by: Matthias Aßhauer <[email protected]>
        Signed-off-by: Johannes Schindelin <[email protected]>
   ``````

* 273: c4d7ea8 = 158: 5ae96a2 t0301: actually test
credential-cache on Windows
* 274: ef52c17 = 159: 09fe109 credential-cache: handle
ECONNREFUSED gracefully
* 157: 09c9eaf = 160: 8765262 Win32: make FILETIME conversion
functions public
* 158: 8a2cf44 = 161: afb6c97 Win32: dirent.c: Move opendir
down
* 159: 8bccc70 = 162: 5394912 mingw: make the dirent
implementation pluggable
* 160: d70dde0 = 163: 4d6c9ae Win32: make the lstat
implementation pluggable
* 161: 79b7550 = 164: 6d933f6 mingw: add infrastructure for
read-only file system level caches
* 162: 31d1d18 = 165: 4bd5d05 mingw: add a cache below mingw's
lstat and dirent implementations
* 163: fedce44 = 166: ac62ab4 fscache: load directories only
once
* 164: 101b990 = 167: 0b4d50d fscache: add key for
GIT_TRACE_FSCACHE
* 165: 537c684 = 168: 22e59f4 fscache: remember not-found
directories
* 166: 26e514b = 169: 6f5197b fscache: add a test for the
dir-not-found optimization
* 167: 4a0b366 = 170: 6b3627f add: use preload-index and
fscache for performance
* 168: de1f16b = 171: bd69cf7 dir.c: make add_excludes aware
of fscache during status
* 169: ccae4a7 = 172: 3de1d72 fscache: make fscache_enabled()
public
* 170: 675d8dc = 173: b8686d7 dir.c: regression fix for
add_excludes with fscache
* 171: 62a3d3c = 174: b2c8d16 fetch-pack.c: enable fscache for
stats under .git/objects
* 172: 71c8974 = 175: 2bdea05 checkout.c: enable fscache for
checkout again
* 173: 7ffa2ec = 176: ade2577 Enable the filesystem cache
(fscache) in refresh_index().
* 174: 0c81d79 = 177: 72e7282 fscache: use FindFirstFileExW to
avoid retrieving the short name
* 175: d27fb3c = 178: 24990f9 status: disable and free fscache
at the end of the status command
* 176: b0da78f = 179: 17b2ca1 fscache: add GIT_TEST_FSCACHE
support
* 177: c27092b = 180: 71c001b fscache: add fscache hit
statistics
* 178: 409d6ec = 181: 3d55d81 mem_pool: add GIT_TRACE_MEMPOOL
support
* 179: 0d603f9 = 182: b0d0b14 fscache: fscache takes an
initial size
* 180: 580ced9 = 183: d042571 fscache: update fscache to be
thread specific instead of global
* 181: 1ad0115 = 184: f5368b6 fscache: teach fscache to use
mempool
* 182: 8e76d16 = 185: 31d4005 fscache: make fscache_enable()
thread safe
* 184: fe8536e = 186: cf693a8 fscache: teach fscache to use
NtQueryDirectoryFile
* 186: f67147a = 187: e47cadc unpack-trees: enable fscache for
sparse-checkout
* 188: 8ee5310 = 188: 5fc6a7c fscache: remember the reparse
tag for each entry
* 190: 00da8ee = 189: 014d3fe fscache: implement an
FSCache-aware is_mount_point()
* 183: 8393a50 = 190: 7182f92 git-gui: provide question helper
for retry fallback on Windows
* 192:  36b6ed3 = 191:  bc90e75 clean: make use of FSCache
* 185: 6704d86 = 192: 25f46e3 git gui: set
GIT_ASKPASS=git-gui--askpass if not set yet
* 193: 908c5a1 = 193: 138f2a2 gitk: Unicode file name support
* 187: 2bd9665 = 194: e1f73ec git-gui--askyesno: fix funny
text wrapping
* 194: 1a36bff = 195: 5c6b2a6 gitk: Use an external icon file
on Windows
* 189: 7117b15 = 196: b532ee6 git-gui--askyesno: allow
overriding the window title
* 195: 8999621 = 197: 4a5f1dc gitk: fix arrow keys in input
fields with Tcl/Tk >= 8.6
* 191: cd492f2 = 198: d033151 git-gui--askyesno (mingw): use
Git for Windows' icon, if available
* 196: cafd484 = 199: 17d1088 gitk: make the "list references"
default window width wider
* 197: 327543d = 200: 6adb8e4 pack-objects (mingw):
demonstrate a segmentation fault with large deltas
* 198:  bfc3db8 = 201:  94378c1 mingw: support long paths
* 199: 05674cc = 202: a5d11ab Win32: fix 'lstat("dir/")' with
long paths
* 200: 4ec7736 = 203: 3c4cd62 win32(long path support): leave
drive-less absolute paths intact
* 201: 884eda4 = 204: 072902e mingw: Support
`git_terminal_prompt` with more terminals
* 202: 448abe1 = 205: e79bbe4 compat/terminal.c: only use the
Windows console if bash 'read -r' fails
* 203: 7f91760 = 206: 0449fa6 mingw (git_terminal_prompt): do
fall back to CONIN$/CONOUT$ method
* 204: af1cd45 = 207: 37575e0 strbuf_readlink: don't call
readlink twice if hint is the exact link size
* 210: 5f4c415 = 208: 314d9aa compat/fsmonitor/fsm-*-win32:
support long paths
* 211: 4b2711a = 209: 2286800 clean: suggest using
`core.longPaths` if paths are too long to remove
* 205: dedb1ae = 210: 16ba97e strbuf_readlink: support link
targets that exceed PATH_MAX
* 206: 2e09e44 = 211: 3bbb298 lockfile.c: use is_dir_sep()
instead of hardcoded '/' checks
* 207: aadf124 = 212: 014c9ba Win32: don't call
GetFileAttributes twice in mingw_lstat()
* 208: de191d1 = 213: a5e362e Win32: implement stat() with
symlink support
* 209: af7734a = 214: 70e161c Win32: remove separate
do_lstat() function
* 212: 7a45cf7 = 215: 6a57f09 Win32: let mingw_lstat() error
early upon problems with reparse points
* 213: 6c99a15 = 216: d1a637d mingw: teach fscache and dirent
about symlinks
* 214: 41c5c14 = 217: b160896 Win32: lstat(): return adequate
stat.st_size for symlinks
* 215:  65b8430 = 218:  3b126ac Win32: factor out retry logic
* 216: a67d839 = 219: 60b07ae Win32: change default of
'core.symlinks' to false
* 217: 24160db = 220: eddaa17 Win32: add symlink-specific
error codes
* 218: d3df280 = 221: db44028 Win32: mingw_unlink: support
symlinks to directories
* 219: 87b35ec = 222: 9be895c Win32: mingw_rename: support
renaming symlinks
* 220: 4a58657 = 223: 0ee6c2c Win32: mingw_chdir: change to
symlink-resolved directory
* 221:  585b4bb = 224:  6fa7f53 Win32: implement readlink()
* 222: 4236f8c = 225: 16c8396 mingw: lstat: compute correct
size for symlinks
* 223: 17bf729 = 226: 4bcc8a5 Win32: implement basic symlink()
functionality (file symlinks only)
* 224: f7ab0fb = 227: 0a04e07 Win32: symlink: add support for
symlinks to directories
* 225: 96891c3 = 228: e4a2ade mingw: try to create symlinks
without elevated permissions
* 226: 85d41e4 = 229: cffe5af mingw: emulate stat() a little
more faithfully
* 227: c80d141 = 230: 71f5ae4 mingw: special-case index
entries for symlinks with buggy size
* 228: 06376e6 = 231: 3b7f7fa mingw: introduce code to detect
whether we're inside a Windows container
* 229: eb17c48 = 232: 7cd902e mingw: when running in a Windows
container, try to rename() harder
* 230: f33e574 = 233: 11f08d4 mingw: move the
file_attr_to_st_mode() function definition
* 231: 167e81d = 234: f558a61 mingw: Windows Docker volumes
are *not* symbolic links
* 232: e13c7c6 = 235: 249fd8a Win32: symlink: move phantom
symlink creation to a separate function
* 234: ad1b7a4 = 236: 4d5a59a Introduce helper to create
symlinks that knows about index_state
* 235: 3199b1b = 237: 61e072f mingw: allow to specify the
symlink type in .gitattributes
* 236: faf1f46 = 238: b093fc0 Win32: symlink: add test for
`symlink` attribute
* 237: dfbdd01 = 239: 07d0a7a mingw: explicitly specify with
which cmd to prefix the cmdline
* 238: 0612f86 = 240: 132edae mingw: when path_lookup()
failed, try BusyBox
* 239: 3b9554e = 241: 95e3587 test-lib: avoid unnecessary Perl
invocation
* 240: f6719f8 = 242: bcec4b7 test-tool: learn to act as a
drop-in replacement for `iconv`
* 241: d7f4c1d = 243: cf2505f tests(mingw): if `iconv` is
unavailable, use `test-helper --iconv`
* 242: f03dc97 = 244: 6c4d258 gitattributes: mark .png files
as binary
* 233: 3e617a8 = 245: e333dec mingw: work around rename()
failing on a read-only file
* 243: 14fa4bf = 246: 7a8d524 tests: move test PNGs into
t/lib-diff/
* 244: 87dc864 = 247: dbd5f28 tests: only override sort & find
if there are usable ones in /usr/bin/
* 245: 3789353 = 248: 1064509 tests: use the correct path
separator with BusyBox
* 246: 6a6623b = 249: d442413 mingw: only use Bash-ism
`builtin pwd -W` when available
* 247: 7f70225 = 250: 14549d6 tests (mingw): remove
Bash-specific pwd option
* 248: 5503200 = 251: ace3077 test-lib: add BUSYBOX
prerequisite
* 249: 7ccc72d = 252: 332f414 t5003: use binary file from
t/lib-diff/
* 250: bf6204f = 253: 5099904 t5532: workaround for BusyBox on
Windows
* 251: 7c97cdd = 254: 680c136 t5605: special-case hardlink
test for BusyBox-w32
* 252: 25a13ab = 255: bb27736 t5813: allow for $PWD to be a
Windows path
* 253: 7e1cf71 = 256: ac2fe47 t9200: skip tests when $PWD
contains a colon
* 254: 77fb64f = 257: 9db019a mingw: add a Makefile target to
copy test artifacts
* 256: 0adaeae = 258: 1ecb133 mingw: kill child processes in a
gentler way
* 258: 3a711ce = 259: 4238ff7 mingw: do not call
xutftowcs_path in mingw_mktemp
* 255: 2e1f7ed = 260: c4cee35 mingw: optionally enable wsl
compability file mode bits
* 257:  64b0171 = 261:  0eaad07 mingw: really handle SIGINT
* 260: de57309 = 262: e1a61a8 Partially un-revert "editor:
save and reset terminal after calling EDITOR"
* 264: 49453d0 = 263: 6071d7a Describe Git for Windows'
architecture [no ci]
* 265: 2890784 = 264: d94525a Modify the Code of Conduct for
Git for Windows
* 266: 2b556c9 = 265: 6e5660d CONTRIBUTING.md: add guide for
first-time contributors
* 267: b7c9a2b = 266: 07c3ffc README.md: Add a
Windows-specific preamble
* 268:  1f22ae1 = 267:  126f900 Add an issue template
* 259: a0a9279 = 268: fc4f4cd Add a GitHub workflow to monitor
component updates
* 269: 5b004bc = 269: a1fc7cd Modify the GitHub Pull Request
template (to reflect Git for Windows)
* 261: db1e920 = 270: e4fe80e reset: reinstate support for the
deprecated --stdin option
* 262: c359f03 = 271: c3c769b fsmonitor: reintroduce
core.useBuiltinFSMonitor
* 263: 8732d41 = 272: b18e4dc dependabot: help keeping GitHub
Actions versions up to date
* 270: b6c04e4 = 273: ed5a452 SECURITY.md: document Git for
Windows' policies
* 275: 9b81fae (upstream: 1fbb8d7) < -: ------------
builtin/blame: fix out-of-bounds read with excessive `--abbrev`
* 276: 049f0cf (upstream: 64f3ff3) < -: ------------
GIT-VERSION-GEN: allow it to be run in parallel

</details>

Author: dscho

Documentation/RelNotes/2.48.0.txt

@@ -47,15 +47,15 @@ Performance, Internal Implementation, Development Support etc.
 
  * The way AsciiDoc is used for SYNOPSIS part of the manual pages has
    been revamped.  The sources, at least for the simple cases, got
-   vastly pleasant to work with.
+   vastly more pleasant to work with.
 
  * The reftable library is now prepared to expect that the memory
    allocation function given to it may fail to allocate and to deal
    with such an error.
 
  * An extra worktree attached to a repository points at each other to
-   allow finding the repository from the worktree and vice versa
-   possible.  Turn this linkage to relative paths.
+   allow finding the repository from the worktree (and vice versa)
+   possible.  Use relative paths for this linkage.
 
  * Enable Windows-based CI in GitLab.
 
@@ -94,7 +94,7 @@ Performance, Internal Implementation, Development Support etc.
  * Update the project's CodingGuidelines to discourage naming functions
    with a "_1()" suffix.
 
- * Updates the '.clang-format' to match project conventions.
+ * Update '.clang-format' to match project conventions.
 
  * Centralize documentation for repository extensions into a single place.
 
@@ -116,7 +116,7 @@ Performance, Internal Implementation, Development Support etc.
  * The migration procedure between two ref backends has been optimized.
 
  * "git fsck" learned to issue warnings on "curiously formatted" ref
-   contents that have always been taken valid but something Git
+   contents that have always been treated as valid but that Git
    wouldn't have written itself (e.g., missing terminating end-of-line
    after the full object name).
 
@@ -127,13 +127,13 @@ Performance, Internal Implementation, Development Support etc.
 
  * Drop support for ancient environments in various CI jobs.
 
- * Isolates the reftable subsystem from the rest of Git's codebase by
+ * Isolate the reftable subsystem from the rest of Git's codebase by
    using fewer pieces of Git's infrastructure.
 
  * Optimize reading random references out of the reftable backend by
    allowing reuse of iterator objects.
 
- * Backport oss-fuzz tests for us to our codebase.
+ * Backport oss-fuzz tests to our codebase.
 
  * Introduce a new repository extension to prevent older Git versions
    from mis-interpreting worktrees created with relative paths.
@@ -173,13 +173,13 @@ Fixes since v2.47
 -----------------
 
  * Doc update to clarify how periodical maintenance are scheduled,
-   spread across time to avoid thundering hurds.
+   spread across time to avoid thundering herds.
 
  * Use after free and double freeing at the end in "git log -L... -p"
    had been identified and fixed.
 
  * On macOS, fsmonitor can fall into a race condition that results in
-   a client waiting forever to be notified for an event that have
+   a client waiting forever to be notified about an event that has
    already happened.  This problem has been corrected.
 
  * "git maintenance start" crashed due to an uninitialized variable
@@ -203,7 +203,7 @@ Fixes since v2.47
  * The dumb-http code regressed when the result of re-indexing a pack
    yielded an *.idx file that differs in content from the *.idx file
    it downloaded from the remote. This has been corrected by no longer
-   relying on: the *.idx file we got from the remote.
+   relying on the *.idx file we got from the remote.
 
  * When called with '--left-right' and '--use-bitmap-index', 'rev-list'
    will produce output without any left/right markers, which has been
@@ -227,7 +227,7 @@ Fixes since v2.47
  * "git gc" discards any objects that are outside promisor packs that
    are referred to by an object in a promisor pack, and we do not
    refetch them from the promisor at runtime, resulting an unusable
-   repository.  Work it around by including these objects in the
+   repository.  Work around it by including these objects in the
    referring promisor pack at the receiving end of the fetch.
 
  * Avoid build/test breakage on a system without working malloc debug
@@ -282,9 +282,8 @@ Fixes since v2.47
    on the path, which was not documented, which has been corrected.
    (merge bc1a980759 kk/doc-ancestry-path later to maint).
 
-
  * "git tag" has been taught to refuse to create refs/tags/HEAD
-   as such a tag will be confusing in the context of UI provided by
+   since such a tag will be confusing in the context of the UI provided by
    the Git Porcelain commands.
    (merge bbd445d5ef jc/forbid-head-as-tagname later to maint).
 

Documentation/config.txt

@@ -524,6 +524,8 @@ include::config/sequencer.txt[]
 
 include::config/showbranch.txt[]
 
+include::config/sideband.txt[]
+
 include::config/sparse.txt[]
 
 include::config/splitindex.txt[]

Documentation/config/credential.txt

@@ -22,6 +22,17 @@ credential.useHttpPath::
 	or https URL to be important. Defaults to false. See
 	linkgit:gitcredentials[7] for more information.
 
+credential.sanitizePrompt::
+	By default, user names and hosts that are shown as part of the
+	password prompt are not allowed to contain control characters (they
+	will be URL-encoded by default). Configure this setting to `false` to
+	override that behavior.
+
+credential.protectProtocol::
+	By default, Carriage Return characters are not allowed in the protocol
+	that is used when Git talks to a credential helper. This setting allows
+	users to override this default.
+
 credential.username::
 	If no username is set for a network authentication, use this username
 	by default. See credential.<context>.* below, and

Documentation/config/sideband.txt

@@ -0,0 +1,16 @@
+sideband.allowControlCharacters::
+	By default, control characters that are delivered via the sideband
+	are masked, except ANSI color sequences. This prevents potentially
+	unwanted ANSI escape sequences from being sent to the terminal. Use
+	this config setting to override this behavior:
++
+--
+	color::
+		Allow ANSI color sequences, line feeds and horizontal tabs,
+		but mask all other control characters. This is the default.
+	false::
+		Mask all control characters other than line feeds and
+		horizontal tabs.
+	true::
+		Allow all control characters to be sent to the terminal.
+--

GIT-VERSION-GEN

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-DEF_VER=v2.48.0-rc2
+DEF_VER=v2.48.0
 
 LF='
 '
@@ -86,11 +86,11 @@ sed -e "s|@GIT_VERSION@|$GIT_VERSION|" \
 	-e "s|@GIT_BUILT_FROM_COMMIT@|$GIT_BUILT_FROM_COMMIT|" \
 	-e "s|@GIT_USER_AGENT@|$GIT_USER_AGENT|" \
 	-e "s|@GIT_DATE@|$GIT_DATE|" \
-	"$INPUT" >"$OUTPUT".$$
+	"$INPUT" >"$OUTPUT".$$+
 
-if ! test -f "$OUTPUT" || ! cmp "$OUTPUT".$$ "$OUTPUT" >/dev/null
+if ! test -f "$OUTPUT" || ! cmp "$OUTPUT".$$+ "$OUTPUT" >/dev/null
 then
-	mv "$OUTPUT".$$ "$OUTPUT"
+	mv "$OUTPUT".$$+ "$OUTPUT"
 else
-	rm "$OUTPUT".$$
+	rm "$OUTPUT".$$+
 fi

builtin/blame.c

@@ -476,13 +476,6 @@ static void emit_other(struct blame_scoreboard *sb, struct blame_entry *ent, int
 		size_t length = (opt & OUTPUT_LONG_OBJECT_NAME) ?
 			the_hash_algo->hexsz : (size_t) abbrev;
 
-		/*
-		 * Leave enough space for ^, * and ? indicators (boundary,
-		 * unblamable, ignored).
-		 */
-		if (length > GIT_MAX_HEXSZ + 3)
-			length = GIT_MAX_HEXSZ + 3;
-
 		if (opt & OUTPUT_COLOR_LINE) {
 			if (cnt > 0) {
 				color = repeated_meta_color;
@@ -496,9 +489,9 @@ static void emit_other(struct blame_scoreboard *sb, struct blame_entry *ent, int
 			fputs(color, stdout);
 
 		if (suspect->commit->object.flags & UNINTERESTING) {
-			if (blank_boundary)
-				memset(hex, ' ', length);
-			else if (!(opt & OUTPUT_ANNOTATE_COMPAT)) {
+			if (blank_boundary) {
+				memset(hex, ' ', strlen(hex));
+			} else if (!(opt & OUTPUT_ANNOTATE_COMPAT)) {
 				length--;
 				putchar('^');
 			}
@@ -512,7 +505,8 @@ static void emit_other(struct blame_scoreboard *sb, struct blame_entry *ent, int
 			length--;
 			putchar('?');
 		}
-		printf("%.*s", (int)length, hex);
+
+		printf("%.*s", (int)(length < GIT_MAX_HEXSZ ? length : GIT_MAX_HEXSZ), hex);
 		if (opt & OUTPUT_ANNOTATE_COMPAT) {
 			const char *name;
 			if (opt & OUTPUT_SHOW_EMAIL)

builtin/fetch.c

@@ -1588,8 +1588,8 @@ static void set_head_advice_msg(const char *remote, const char *head_name)
 	N_("Run 'git remote set-head %s %s' to follow the change, or set\n"
 	   "'remote.%s.followRemoteHEAD' configuration option to a different value\n"
 	   "if you do not want to see this message. Specifically running\n"
-	   "'git config set remote.%s.followRemoteHEAD %s' will disable the warning\n"
-	   "until the remote changes HEAD to something else.");
+	   "'git config set remote.%s.followRemoteHEAD warn-if-not-branch-%s'\n"
+	   "will disable the warning until the remote changes HEAD to something else.");
 
 	advise_if_enabled(ADVICE_FETCH_SET_HEAD_WARN, _(message_advice_set_head),
 			remote, head_name, remote, remote, head_name);

credential.c

@@ -130,6 +130,10 @@ static int credential_config_callback(const char *var, const char *value,
 	}
 	else if (!strcmp(key, "usehttppath"))
 		c->use_http_path = git_config_bool(var, value);
+	else if (!strcmp(key, "sanitizeprompt"))
+		c->sanitize_prompt = git_config_bool(var, value);
+	else if (!strcmp(key, "protectprotocol"))
+		c->protect_protocol = git_config_bool(var, value);
 
 	return 0;
 }
@@ -227,7 +231,8 @@ static void credential_format(struct credential *c, struct strbuf *out)
 		strbuf_addch(out, '@');
 	}
 	if (c->host)
-		strbuf_addstr(out, c->host);
+		strbuf_add_percentencode(out, c->host,
+					 STRBUF_ENCODE_HOST_AND_PORT);
 	if (c->path) {
 		strbuf_addch(out, '/');
 		strbuf_add_percentencode(out, c->path, 0);
@@ -241,7 +246,10 @@ static char *credential_ask_one(const char *what, struct credential *c,
 	struct strbuf prompt = STRBUF_INIT;
 	char *r;
 
-	credential_describe(c, &desc);
+	if (c->sanitize_prompt)
+		credential_format(c, &desc);
+	else
+		credential_describe(c, &desc);
 	if (desc.len)
 		strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
 	else
@@ -382,7 +390,8 @@ int credential_read(struct credential *c, FILE *fp,
 	return 0;
 }
 
-static void credential_write_item(FILE *fp, const char *key, const char *value,
+static void credential_write_item(const struct credential *c,
+				  FILE *fp, const char *key, const char *value,
 				  int required)
 {
 	if (!value && required)
@@ -391,41 +400,45 @@ static void credential_write_item(FILE *fp, const char *key, const char *value,
 		return;
 	if (strchr(value, '\n'))
 		die("credential value for %s contains newline", key);
+	if (c->protect_protocol && strchr(value, '\r'))
+		die("credential value for %s contains carriage return\n"
+		    "If this is intended, set `credential.protectProtocol=false`",
+		    key);
 	fprintf(fp, "%s=%s\n", key, value);
 }
 
 void credential_write(const struct credential *c, FILE *fp,
 		      enum credential_op_type op_type)
 {
 	if (credential_has_capability(&c->capa_authtype, op_type))
-		credential_write_item(fp, "capability[]", "authtype", 0);
+		credential_write_item(c, fp, "capability[]", "authtype", 0);
 	if (credential_has_capability(&c->capa_state, op_type))
-		credential_write_item(fp, "capability[]", "state", 0);
+		credential_write_item(c, fp, "capability[]", "state", 0);
 
 	if (credential_has_capability(&c->capa_authtype, op_type)) {
-		credential_write_item(fp, "authtype", c->authtype, 0);
-		credential_write_item(fp, "credential", c->credential, 0);
+		credential_write_item(c, fp, "authtype", c->authtype, 0);
+		credential_write_item(c, fp, "credential", c->credential, 0);
 		if (c->ephemeral)
-			credential_write_item(fp, "ephemeral", "1", 0);
+			credential_write_item(c, fp, "ephemeral", "1", 0);
 	}
-	credential_write_item(fp, "protocol", c->protocol, 1);
-	credential_write_item(fp, "host", c->host, 1);
-	credential_write_item(fp, "path", c->path, 0);
-	credential_write_item(fp, "username", c->username, 0);
-	credential_write_item(fp, "password", c->password, 0);
-	credential_write_item(fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
+	credential_write_item(c, fp, "protocol", c->protocol, 1);
+	credential_write_item(c, fp, "host", c->host, 1);
+	credential_write_item(c, fp, "path", c->path, 0);
+	credential_write_item(c, fp, "username", c->username, 0);
+	credential_write_item(c, fp, "password", c->password, 0);
+	credential_write_item(c, fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
 	if (c->password_expiry_utc != TIME_MAX) {
 		char *s = xstrfmt("%"PRItime, c->password_expiry_utc);
-		credential_write_item(fp, "password_expiry_utc", s, 0);
+		credential_write_item(c, fp, "password_expiry_utc", s, 0);
 		free(s);
 	}
 	for (size_t i = 0; i < c->wwwauth_headers.nr; i++)
-		credential_write_item(fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
+		credential_write_item(c, fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
 	if (credential_has_capability(&c->capa_state, op_type)) {
 		if (c->multistage)
-			credential_write_item(fp, "continue", "1", 0);
+			credential_write_item(c, fp, "continue", "1", 0);
 		for (size_t i = 0; i < c->state_headers_to_send.nr; i++)
-			credential_write_item(fp, "state[]", c->state_headers_to_send.v[i], 0);
+			credential_write_item(c, fp, "state[]", c->state_headers_to_send.v[i], 0);
 	}
 }
 

credential.h

@@ -168,7 +168,9 @@ struct credential {
 		 multistage: 1,
 		 quit:1,
 		 use_http_path:1,
-		 username_from_proto:1;
+		 username_from_proto:1,
+		 sanitize_prompt:1,
+		 protect_protocol:1;
 
 	struct credential_capability capa_authtype;
 	struct credential_capability capa_state;
@@ -195,6 +197,8 @@ struct credential {
 	.wwwauth_headers = STRVEC_INIT, \
 	.state_headers = STRVEC_INIT, \
 	.state_headers_to_send = STRVEC_INIT, \
+	.sanitize_prompt = 1, \
+	.protect_protocol = 1, \
 }
 
 /* Initialize a credential structure, setting all fields to empty. */

perl/FromCPAN/Mail/meson.build

@@ -4,4 +4,5 @@ test_dependencies += custom_target(
   command: generate_perl_command,
   install: true,
   install_dir: get_option('datadir') / 'perl5/FromCPAN/Mail',
+  depends: [git_version_file],
 )