This relates to https://gist.github.com/EliahKagan/cf7f0063d67c08a67747036bb000f8b9.
Eliah Kagan EliahKagan
EliahKagan
/ 0-title.txt
Last active
July 4, 2024 22:22
Draft of gitoxide many_different_states new Windows failure issue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| many_different_states fails on Windows with GIX_TEST_IGNORE_ARCHIVES=1 |
EliahKagan
/ README.md
Created
July 4, 2024 17:58
Full output of running tests with gix-diff/tests/tree
EliahKagan
/ README.md
Created
July 4, 2024 17:33
gitoxide test run on Windows with GIX_TEST_IGNORE_ARCHIVES=1 after #1441
These are gitoxide test runs with
GIX_TEST_IGNORE_ARCHIVES=1 cargo nextest run --all --no-fail-faston Windows 10 64-bit (with developer mode enabled, i.e., unprivileged symlink creattion).
This is a rerun after Byron/gitoxide#1441 and can be compared to https://gist.github.com/EliahKagan/03e2e2d06299c5ba13837f327afa8536, which is linked from Byron/gitoxide#1358. There is one new test failure:
This is a draft, not in its final form, of a comment in Byron/gitoxide#1437. At minimum the forthcoming PRs need to be opened and their PR numbers filled in.
EliahKagan
/ rustsec-pr-draft-cve-2024-35197-devices.md
Last active
July 3, 2024 23:35
RUSTSEC PR draft - Advisory for CVE-2024-35197 in gix-ref, gix-index, gix-worktree
This adds notices for the Windows device name handling vulnerability CVE-2024-35197 (https://github.com/Byron/gitoxide/security/advisories/GHSA-49jc-r788-3fc9). This is a separate vulnerability from the one that # is about—and I cannot open a single PR for both because they both have RUSTSEC-0000-0000.md files in two of the same locations until IDs are assigned—but it is likewise discussed in Byron/gitoxide#1437 (cc @Byron).
The advisory text (long description) is what I wrote for https://github.com/Byron/gitoxide/security/advisories/GHSA-49jc-r788-3fc9 and is essentially the same as in the global advisory. This is analogous to the situation in #, albeit for different advisories/vulnerabilities. Both there and here, it is and has always been my intention that this text be dedicated to the public domain (with CC0).
Some of the same considerations there apply here as well, su
EliahKagan
/ rustsc-pr-draft-cve-2024-35186-traversal.md
Last active
July 3, 2024 23:29
RUSTSEC PR draft - Advisory for CVE-2024-35186 in gix-fs, gix-index, gix-worktree
This adds notices for the directory traversal vulnerability CVE-2024-35186 (https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c), as discussed in Byron/gitoxide#1437 (cc @Byron). The gitoxide project is divided into a substantial number of crates, and multiple crates are affected, in the sense of containing code that needed to be changed to fix the vulnerability.
This PR proposes notices for only three of the seven crates listed as affected in https://github.com/Byron/gitoxide/security/advisories/GHSA-7w47-3wg8-547c. I believe these to be the primary affected crates, such that the other crates are mainly affected due to their use of the primary affected crates (though their code also had to be changed to fit the new API). This is in accordance with my extrapolation of the guidance given in rustsec/advisory-db#1703 (comment) and rustsec/advisory-db#1705 (comment), but I am not certa
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cargo install gitoxide --no-default-features --features 'max-control,gix-features/zlib-stock,gitoxide-core-blocking-client,http-client-curl' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diskpart | |
| select disk 0 | |
| convert gpt | |
| create partition primary | |
| select partition 1 | |
| format fs=ntfs quick | |
| assign letter=C: |
EliahKagan
/ README.md
Last active
June 30, 2024 06:48
gitoxide test runs on 32-bit Windows 10 (without symlink privilege)
The "before" run, run-1-before-change.txt, is without a change I am proposing. The build fails due to a compile error in a test in gix-revision.
The "after" run, run-2-after-change.txt, is with the proposed change. 28 tests fail, but all crates' tests are able to be compiled and attempted.
EliahKagan
/ 32bit-cargo-install-gitoxide-nolibzng.txt
Created
June 29, 2024 22:34
32-but Windows 10: cargo install gitoxide --no-default-features --features 'max-control,gix-features/zlib-stock,gitoxide-core-blocking-client,http-client-curl'
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Users\ek> cargo install gitoxide --no-default-features --features 'max-control,gix-features/zlib-stock,gitoxide-core-blocking-client,http-client-curl' | |
| Updating crates.io index | |
| Installing gitoxide v0.36.0 | |
| Updating crates.io index | |
| Locking 293 packages to latest compatible versions | |
| Adding bitflags v1.3.2 (latest: v2.6.0) | |
| Adding crosstermion v0.13.0 (latest: v0.14.0) | |
| Adding dashmap v5.5.3 (latest: v6.0.1) | |
| Adding env_logger v0.10.2 (latest: v0.11.3) | |
| Adding hashbrown v0.12.3 (latest: v0.14.5) |
NewerOlder