Merge pull request git-lfs#3928 from git-lfs/release-next

release: v2.9.1

Author: bk2204

.github/workflows/ci.yml

@@ -11,6 +11,13 @@ jobs:
     steps:
     - uses: actions/checkout@master
     - run: script/cibuild
+    - run: make release
+    - run: mkdir -p bin/assets
+    - run: find bin/releases -name "*$(uname -s | tr A-Z a-z)*" | xargs -I{} cp {} bin/assets
+    - uses: actions/upload-artifact@v1
+      with:
+        name: ${{ matrix.os }}
+        path: bin/assets
   build-windows:
     name: Build on Windows
     runs-on: windows-latest
@@ -19,7 +26,6 @@ jobs:
     - run: mkdir -p "$HOME/go/bin"
       shell: bash
     - run: set GOPATH=%HOME%\go
-    - run: set PATH=%GOPATH%\bin;%PATH%
     - run: cinst InnoSetup -y
     - run: cinst strawberryperl -y
     - run: choco uninstall git.install -y --force
@@ -36,6 +42,14 @@ jobs:
       shell: bash
     - run: mv bin\git-lfs.exe git-lfs-x64.exe
     - run: iscc script\windows-installer\inno-setup-git-lfs-installer.iss
+    - run: mkdir -p bin/assets
+      shell: bash
+    - run: mv *.exe bin/assets
+      shell: bash
+    - uses: actions/upload-artifact@v1
+      with:
+        name: windows-latest
+        path: bin/assets
   build-latest:
     name: Build with latest Git
     strategy:

.github/workflows/release.yml

@@ -13,7 +13,6 @@ jobs:
     - run: mkdir -p "$HOME/go/bin"
       shell: bash
     - run: set GOPATH=%HOME%\go
-    - run: set PATH=%GOPATH%\bin;%PATH%
     - run: cinst InnoSetup -y
     - run: cinst strawberryperl -y
     - run: cinst zip -y
@@ -32,10 +31,6 @@ jobs:
       shell: bash
     - run: PATH="$HOME/go/bin:$PATH" make bin/releases/git-lfs-windows-386-$(git describe).zip
       shell: bash
-    - run: echo "$PATH"
-      shell: bash
-    - run: find "/c/Program Files (x86)/Windows Kits/10/bin/x86"
-      shell: bash
     - run: PATH="$HOME/go/bin:/c/Program Files (x86)/Windows Kits/10/bin/x86:$PATH" CERT_FILE="$HOME/cert.pfx" make release-windows
       shell: bash
       env:
@@ -68,6 +63,7 @@ jobs:
     steps:
     - uses: actions/checkout@master
     - uses: actions/setup-ruby@v1
+    - run: gem install packagecloud-ruby
     - run: git clone https://github.com/git-lfs/build-dockers.git "$HOME/build-dockers"
     - run: (cd "$HOME/build-dockers" && ./build_dockers.bsh)
     - run: DOCKER_AUTOPULL=0 ./docker/run_dockers.bsh

CHANGELOG.md

@@ -1,5 +1,32 @@
 # Git LFS Changelog
 
+## 2.9.1 (25 November 2019)
+
+This release fixes a few regressions, such as the ability to use HTTP/1.1 when
+required, addresses a race condition, and switches the cookie jar parser to
+something that's easier for distributions to package.
+
+We would like to extend a special thanks to the following open-source
+contributors:
+
+* @nataliechen1 for fixing a data race
+* @ssgelm for writing and updating the code to use a new cookie jar parser
+
+### Features
+
+* Allow specifying HTTP version to use #3887 (@bk2204)
+
+### Bugs
+
+* synchronize access to netrcCredentialHelper.skip #3896 (@nataliechen1)
+* Fix several causes of CI problems #3878 (@bk2204)
+* Miscellaneous release fixes #3866 (@bk2204)
+
+### Misc
+
+* Build artifacts during CI for easier testing #3892 (@bk2204)
+* Use different parser for cookiejar files #3886 (@ssgelm)
+
 ## 2.9.0 (17 October 2019)
 
 This release adds support for DragonFly BSD, adds a new `git lfs dedup` command

config/version.go

@@ -13,7 +13,7 @@ var (
 )
 
 const (
-	Version = "2.9.0"
+	Version = "2.9.1"
 )
 
 func init() {

creds/netrc.go

@@ -5,6 +5,7 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
+	"sync"
 
 	"github.com/git-lfs/git-lfs/config"
 	"github.com/git-lfs/go-netrc/netrc"
@@ -39,6 +40,7 @@ func (f *noFinder) FindMachine(host string) *netrc.Machine {
 // NetrcCredentialHelper retrieves credentials from a .netrc file
 type netrcCredentialHelper struct {
 	netrcFinder NetrcFinder
+	mu          sync.Mutex
 	skip        map[string]bool
 }
 
@@ -65,11 +67,11 @@ func (c *netrcCredentialHelper) Fill(what Creds) (Creds, error) {
 	if err != nil {
 		return nil, credHelperNoOp
 	}
-
+	c.mu.Lock()
+	defer c.mu.Unlock()
 	if c.skip[host] {
 		return nil, credHelperNoOp
 	}
-
 	if machine := c.netrcFinder.FindMachine(host); machine != nil {
 		creds := make(Creds)
 		creds["username"] = machine.Login
@@ -108,7 +110,9 @@ func (c *netrcCredentialHelper) Approve(what Creds) error {
 		}
 		tracerx.Printf("netrc: git credential approve (%q, %q, %q)",
 			what["protocol"], what["host"], what["path"])
+		c.mu.Lock()
 		c.skip[host] = false
+		c.mu.Unlock()
 		return nil
 	}
 	return credHelperNoOp
@@ -123,7 +127,9 @@ func (c *netrcCredentialHelper) Reject(what Creds) error {
 
 		tracerx.Printf("netrc: git credential reject (%q, %q, %q)",
 			what["protocol"], what["host"], what["path"])
+		c.mu.Lock()
 		c.skip[host] = true
+		c.mu.Unlock()
 		return nil
 	}
 	return credHelperNoOp

debian/changelog

@@ -1,3 +1,9 @@
+git-lfs (2.9.1) stable; urgency=low
+
+  * New upstream version
+
+ -- brian m. carlson <[email protected]>  Mon, 25 Nov 2019 14:29:00 -0000
+
 git-lfs (2.9.0) stable; urgency=low
 
   * New upstream version

go.mod

@@ -2,24 +2,23 @@ module github.com/git-lfs/git-lfs
 
 require (
 	github.com/alexbrainman/sspi v0.0.0-20180125232955-4729b3d4d858
-	github.com/fsnotify/fsnotify v1.4.7 // indirect
 	github.com/git-lfs/gitobj v1.4.1
 	github.com/git-lfs/go-netrc v0.0.0-20180525200031-e0e9ca483a18
 	github.com/git-lfs/go-ntlm v0.0.0-20190401175752-c5056e7fa066
 	github.com/git-lfs/wildmatch v1.0.4
-	github.com/google/slothfs v0.0.0-20190417171004-6b42407d9230
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/mattn/go-isatty v0.0.4
 	github.com/olekukonko/ts v0.0.0-20171002115256-78ecb04241c0
 	github.com/pkg/errors v0.0.0-20170505043639-c605e284fe17
 	github.com/rubyist/tracerx v0.0.0-20170927163412-787959303086
 	github.com/spf13/cobra v0.0.3
 	github.com/spf13/pflag v1.0.3 // indirect
+	github.com/ssgelm/cookiejarparser v1.0.1
 	github.com/stretchr/testify v1.2.2
 	github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v0.0.0-20170210233622-6b67b3fab74d
-	golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7
+	golang.org/x/net v0.0.0-20191027093000-83d349e8ac1a
 	golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4
 	golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a
 )

go.sum

@@ -2,8 +2,6 @@ github.com/alexbrainman/sspi v0.0.0-20180125232955-4729b3d4d858 h1:OZQyEhf4Bviyd
 github.com/alexbrainman/sspi v0.0.0-20180125232955-4729b3d4d858/go.mod h1:976q2ETgjT2snVCf2ZaBnyBbVoPERGjUz+0sofzEfro=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
-github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/git-lfs/gitobj v1.4.1 h1:6nH5d1QP7GJjZfBqaBXpS7mDzT4plXQLqUjPbcbtRpw=
 github.com/git-lfs/gitobj v1.4.1/go.mod h1:B+djgKTnUoJHbg4uDvnC/+6xPcfEJNFbZd/YunEJRtA=
 github.com/git-lfs/go-netrc v0.0.0-20180525200031-e0e9ca483a18 h1:7Th0eBA4rT8WJNiM1vppjaIv9W5WJinhpbCJvRJxloI=
@@ -12,8 +10,6 @@ github.com/git-lfs/go-ntlm v0.0.0-20190401175752-c5056e7fa066 h1:f5UyyCnv3o2EHy+
 github.com/git-lfs/go-ntlm v0.0.0-20190401175752-c5056e7fa066/go.mod h1:YnCP1lAyul0ITv9nT/OqXseZmGeaqvMVa2uvl8ssQvE=
 github.com/git-lfs/wildmatch v1.0.4 h1:Mj6LPnNZ6QSHLAAPDCH596pu6A/Z1xVm2Vk0+s3CtkY=
 github.com/git-lfs/wildmatch v1.0.4/go.mod h1:SdHAGnApDpnFYQ0vAxbniWR0sn7yLJ3QXo9RRfhn2ew=
-github.com/google/slothfs v0.0.0-20190417171004-6b42407d9230 h1:iBLrJ79cF90CZmpskySqhPvzrWr9njBYEsOZubXLZlc=
-github.com/google/slothfs v0.0.0-20190417171004-6b42407d9230/go.mod h1:kzvK/MFjZSNdFgc1tCZML3E1nVvnB4/npSKEuvMoECU=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs=
@@ -30,6 +26,8 @@ github.com/spf13/cobra v0.0.3 h1:ZlrZ4XsMRm04Fr5pSFxBgfND2EBVa1nLpiy1stUsX/8=
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
 github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/ssgelm/cookiejarparser v1.0.1 h1:cRdXauUbOTFzTPJFaeiWbHnQ+tRGlpKKzvIK9PUekE4=
+github.com/ssgelm/cookiejarparser v1.0.1/go.mod h1:DUfC0mpjIzlDN7DzKjXpHj0qMI5m9VrZuz3wSlI+OEI=
 github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c=
@@ -39,8 +37,8 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:
 github.com/xeipuuv/gojsonschema v0.0.0-20170210233622-6b67b3fab74d h1:BJPiQVOMMtJsJIkrF4T6K3RKbzqr7rkaybMk33dlGUo=
 github.com/xeipuuv/gojsonschema v0.0.0-20170210233622-6b67b3fab74d/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 h1:fHDIZ2oxGnUZRN6WgWFCbYBjH9uqVPRCUVUDhs0wnbA=
-golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20191027093000-83d349e8ac1a h1:Yu34BogBivvmu7SAzHHaB9nZWH5D1C+z3F1jyIaYZSQ=
+golang.org/x/net v0.0.0-20191027093000-83d349e8ac1a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU=

lfsapi/auth.go

@@ -93,7 +93,12 @@ func (c *Client) doWithCreds(req *http.Request, credWrapper creds.CredentialHelp
 
 	req.Header.Set("User-Agent", lfshttp.UserAgent)
 
-	redirectedReq, res, err := c.client.DoWithRedirect(c.client.HttpClient(req.Host), req, "", via)
+	client, err := c.client.HttpClient(req.URL)
+	if err != nil {
+		return nil, err
+	}
+
+	redirectedReq, res, err := c.client.DoWithRedirect(client, req, "", via)
 	if err != nil || res != nil {
 		return res, err
 	}

lfshttp/certs_test.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"net/url"
 	"os"
 	"path/filepath"
 	"testing"
@@ -48,6 +49,12 @@ var sslCAInfoMatchedHostTests = []struct {
 	{"wronghost.com", false},
 }
 
+func clientForHost(c *Client, host string) *http.Client {
+	u, _ := url.Parse(fmt.Sprintf("https://%v", host))
+	client, _ := c.HttpClient(u)
+	return client
+}
+
 func TestCertFromSSLCAInfoConfig(t *testing.T) {
 	tempfile, err := ioutil.TempFile("", "testcert")
 	assert.Nil(t, err, "Error creating temp cert file")
@@ -158,7 +165,7 @@ func TestCertFromSSLCAPathEnv(t *testing.T) {
 
 func TestCertVerifyDisabledGlobalEnv(t *testing.T) {
 	empty, _ := NewClient(nil)
-	httpClient := empty.HttpClient("anyhost.com")
+	httpClient := clientForHost(empty, "anyhost.com")
 	tr, ok := httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.False(t, tr.TLSClientConfig.InsecureSkipVerify)
@@ -170,7 +177,7 @@ func TestCertVerifyDisabledGlobalEnv(t *testing.T) {
 
 	assert.Nil(t, err)
 
-	httpClient = c.HttpClient("anyhost.com")
+	httpClient = clientForHost(c, "anyhost.com")
 	tr, ok = httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.True(t, tr.TLSClientConfig.InsecureSkipVerify)
@@ -179,7 +186,7 @@ func TestCertVerifyDisabledGlobalEnv(t *testing.T) {
 
 func TestCertVerifyDisabledGlobalConfig(t *testing.T) {
 	def, _ := NewClient(nil)
-	httpClient := def.HttpClient("anyhost.com")
+	httpClient := clientForHost(def, "anyhost.com")
 	tr, ok := httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.False(t, tr.TLSClientConfig.InsecureSkipVerify)
@@ -190,7 +197,7 @@ func TestCertVerifyDisabledGlobalConfig(t *testing.T) {
 	}))
 	assert.Nil(t, err)
 
-	httpClient = c.HttpClient("anyhost.com")
+	httpClient = clientForHost(c, "anyhost.com")
 	tr, ok = httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.True(t, tr.TLSClientConfig.InsecureSkipVerify)
@@ -199,13 +206,13 @@ func TestCertVerifyDisabledGlobalConfig(t *testing.T) {
 
 func TestCertVerifyDisabledHostConfig(t *testing.T) {
 	def, _ := NewClient(nil)
-	httpClient := def.HttpClient("specifichost.com")
+	httpClient := clientForHost(def, "specifichost.com")
 	tr, ok := httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.False(t, tr.TLSClientConfig.InsecureSkipVerify)
 	}
 
-	httpClient = def.HttpClient("otherhost.com")
+	httpClient = clientForHost(def, "otherhost.com")
 	tr, ok = httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.False(t, tr.TLSClientConfig.InsecureSkipVerify)
@@ -216,13 +223,13 @@ func TestCertVerifyDisabledHostConfig(t *testing.T) {
 	}))
 	assert.Nil(t, err)
 
-	httpClient = c.HttpClient("specifichost.com")
+	httpClient = clientForHost(c, "specifichost.com")
 	tr, ok = httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.True(t, tr.TLSClientConfig.InsecureSkipVerify)
 	}
 
-	httpClient = c.HttpClient("otherhost.com")
+	httpClient = clientForHost(c, "otherhost.com")
 	tr, ok = httpClient.Transport.(*http.Transport)
 	if assert.True(t, ok) {
 		assert.False(t, tr.TLSClientConfig.InsecureSkipVerify)