Git Rev News: Edition 119 (January 31st, 2025)
Welcome to the 119th edition of Git Rev News, a digest of all things Git. For our goals, the archives, the way we work, and how to contribute or to subscribe, see the Git Rev News page on git.github.io.
This edition covers what happened during the months of December 2024 and January 2025.
Discussions
Support
-
git support for “xattrs” (extended filesystem attributes)?
Peter B. asked on the Git mailing list if there was a way to store extended attributes (xattrs) in Git. His use case was professional archival collection and he needed bit-proof preservation of all xattrs, even larger ones.
Junio Hamano, the Git maintainer, replied that Git only tracks “contents, pathnames where these contents are stored, and the executable bit”.
Jeff King, alias Peff, also replied to Peter confirming that Git, like most other version control systems, doesn’t store most metadata, but pointing to other tools, etckeeper and metastore, that can help with storing them in a separate file and restoring them on checkout.
Junio agreed with Peff that Git is extensible that way.
brian m. carlson replied to Peter mentioning other possibilities. One is to use the
.gitattributes
files to store a few xattrs with values that are “well stored as text”, and thengit ls-attr
and apost-checkout
hook to restore them.Another possibility is to use mtree utilities to store or restore metadata from or into mtree files. brian especially pointed to go-mtree which supports xattrs. As
mtree
is an extensible key-value format, brian uses it to store the install location of his dotfiles.Peter replied to brian thanking everyone for the suggestions and saying he would especially take a look at
mtree
andmetastore
. He thanked brian again in the following message, saying thatgo-mtree
looked very promising and that he was going to look atpost-checkout
hooks.
Developer Spotlight: Justin Tobler
-
Who are you and what do you do?
My name is Justin Tobler and I am a relatively new contributor to the Git project with my first contributions being made this last year. I work at GitLab and these days spend my time integrating Git into GitLab’s data access layer as well as upstreaming Git fixes/features.
-
What would you name your most important contribution to Git?
Most of my contributions thus far have been relatively minor bug fixes, but one bug I found particularly interesting was with the table compaction algorithm in the new reftable reference backend. There was a theoretical scenario where certain Git operations could be performed and new tables written, but table compaction would never occur. This was found when tests on certain platforms started failing because of file descriptor limits being exceeded.
-
What are you doing on the Git project these days, and why?
One topic I’m currently working on is introducing a way to generate batches of specific blob diffs. This is not particularly useful for users, but for Git servers it’s a nice feature.
I still have much to learn about the project so I also enjoy looking into the inflight topics that pop on the mailing list.
-
If you could remove something from Git without worrying about backwards compatibility, what would it be?
I don’t have anything specific in mind, but it would probably be along the lines of changes to make the Git CLI more consistent across its various commands.
-
What is your favorite Git-related tool/library, outside of Git itself?
For my Git-related workflow, outside of GitLab, I primarily use the Git CLI for everything.
-
What is your toolbox for interacting with the mailing list and for development of Git?
For interacting with the mailing list my workflow primarily consists of using
neomutt
andgit send-email
, but I have also recently been exploringb4
.For development, I use
neovim
as my editor with an assortment of plugins. -
What is your advice for people who want to start Git development? Where and how should they start?
If you are unfamiliar with the mailing workflow, GitGitGadget can help handle formatting patches and sending them off to the mailing list. My first couple of patch series used this tool and I found it useful to get started without having to be super familiar with
git format-patch
andgit send-email
. Other than that, I also find it very helpful to observe how other contributors submit patches and interact on the mailing list. -
If there’s one tip you would like to share with other Git developers, what would it be?
I appreciate when the authors of a patch series provide as much background as possible to the change being made. Reading incoming patch series is a great way to learn about the project and it is very helpful when the required context overhead is minimized.
Other News
Various
- Highlights from Git 2.48
by Taylor Blau on GitHub Blog, about
faster SHA-1 computations for checksums, adding option
--remerge-diff
to thegit range-diff
command, memory-leak-free tests, introducing the Meson build system, and more. - What’s new in Git 2.48.0?
by Christian Couder on GitLab Blog, about
the Meson build system, Git becoming memory-leak-free, improved bundle URI checks,
adding reference consistency checks, more performant ‘reftables’ implementation,
support for reflogs in
git-refs migrate
(to migrate to ‘reftables’), the ‘ref-filter’ subsystem optimizations, and more. - Git security vulnerabilities announced
by Taylor Blau on GitHub Blog:
CVE-2024-50349 (ANSI escape sequences in hostname and prompt for interactive credentials) and
CVE-2024-52006 (specially-crafted repository URL and credential helpers).
- See also Clone2Leak: Your Git Credentials Belong To Us by RyotaK (@ryotkak), a security engineer at GMO Flatt Security Inc.
- Adam Johnson’s book “Boost Your Git DX” has been updated with 28 new pages of content. This book was first mentioned in Git Rev News Edition #104.
Light reading
- Off-the-shelf governance models for small FOSS projects?
by Antonin Delpeuch, about an idea for
GOVERNANCE.md
file template or generator, as another recommended addition toREADME.md
,LICENSE
, and Code of Conduct. Mergiraf’sGOVERNANCE.md
is his example - the goal here is to make it clear for project users what one can do if there is an issue/bug, or if one wants to add a new feature to a project. - Re: DCO by Bradley M. Kuhn of Software Freedom Conservancy on GDB Development mailing list (via GDB public-inbox instance), about the considerations when adopting the Developer Certificate of Origin for a project (similarly to the Linux kernel and Git).
- The many names of commit 55039832f98c by Jonathan Corbet on LWN.net, about difficulties finding the commit in mainline kernel repository that corresponds to the specific commit/patch sent to the stable-update mailing list, in the presence of DRM community’s wide use of cherry-picking (without something like “change ID” that is used by Gerrit).
- The slow death of TuxFamily, a French free-software-hosting service, by Joe Brockmeier on LWN.net.
- A Retrospective on the Source Code Control System by Marc J. Rochkind (PDF).
- Considerations for making a tree view component (in a web Git UI) accessible by Eric Bailey on GitHub Blog.
- Commit subject case in Git history analysis by D. Ben Knoble, as a blog post on his Junk Drawer site.
- Colliding with the SHA prefix of Linux’s initial Git commit
Or, how to break all the tools that parse the “Fixes:” tag,
by Kees Cook on people.kernel.org. Note that the 12-character prefix collision
was generated with the help of the lucky-commit project;
this tool was mentioned in Git Rev News Edition #109.
- See also Facing the Git commit-ID collision catastrophe by Jonathan Corbet on LWN.net, mentioned in the previous edition.
- How to set up your
own Git serverGitea instance at home for your personal projects by Ty Sherback on XDA Developers.- Gitea, a Go-based software forge (fork of Gogs), was first mentioned in Git Rev News Edition #23. There is also Forgejo, a fork of Gitea, mentioned in Git Rev News Edition #114.
- Is there a way to split the git history of a file or combine the histories of two files without a merge commit?,
a short exploration by Raymond Chen on The Old New Thing, part of Microsoft Dev Blogs.
- Some of the other blog posts referenced in the above-mentioned exploration also made their appearance in Git Rev News: Mundane git tricks: Combining two files into one while preserving line history was mentioned in Edition #51. How do I split a file into two while preserving git line history? was not present, but the related How to split off an older copy of a file while preserving git line history appeared in Edition #104.
- Edit commit message with git reword (
git commit --fixup:reword=<commit>
) in Brandon Pugh’s TILs: Today I learned… (2024). - How I use git worktrees
(with the help of custom worktree script)
by Bill Mill on their blog (2024).
- See also How I Use Git Worktrees by Alex Kladov (matklad) on his GitHub Pages-based blog, mentioned in Git Rev News Edition #113.
- Git Trailers by Brooke Kuhlmann was mentioned in Git Rev News Edition #108, but was since then updated.
Git tools and sites
- Project Harmony (Harmony Agreements) is a community-centered group focused on contributor agreements for free and open source software (FOSS).
- todo-md is a pre-commit hook written in Bash
that automatically maintains a
TODO.md
file in your repository. It collectsTODO:
comments from your code and organizes them into a Markdown file, making it easy to track tasks and improvements. Under MIT license. - Yek (يک) is a fast Rust based tool to serialize (selected) text-based files in a repository or directory into a single file meant for LLM consumption. Mentions similar projects. Under MIT license.
Releases
- Git 2.48.1 and friends (security releases), 2.48.0, 2.48.0-rc2
- Git for Windows 2.47.1(2) (security release), 2.48.0-rc2(1)
- GitLab 17.8.1, 17.7.3, 17.6.4, 17.8, 17.7.2, 17.7.1, 17.6.3, 17.5.5
- Gerrit Code Review 3.10.4, 3.11.1, 3.9.9
- GitHub Enterprise 3.15.2, 3.14.7, 3.13.10, 3.12.14
- GitKraken 10.6.3, 10.6.2, 10.6.1
- GitHub Desktop 3.4.15, 3.4.14, 3.4.13
- Garden 2.0.0, 1.10.1
- Git Cola 4.11.0
- GitButler 0.14.6, 0.14.5
Credits
This edition of Git Rev News was curated by Christian Couder <christian.couder@gmail.com>, Jakub Narębski <jnareb@gmail.com>, Markus Jansen <mja@jansen-preisler.de> and Kaartic Sivaraam <kaartic.sivaraam@gmail.com> with help from Justin Tobler, D. Ben Knoble, Brandon Pugh, Štěpán Němec and Adam Johnson.