The latest release of Git introduces many changes aimed to improve its user interface, while also fixing two significant vulnerabilities.
As it is known, the SHA–1 hashing algorithm that Git uses to uniquely identify objects has been recently demonstrated vulnerable to collision attacks. While the Git team gets ready to transition to a new, more secure hashing algorithm, they have implemented a mechanism to detect and reject any objects that appear to have been created with the intent of producing a collision. This should effectively mitigate the risk of collision attacks.
Still on the security front, Git 2.13 also fixes a vulnerability affecting all Git hosting servers that use git shell
, which provides restricted shell access through SSH to Git push/pull
commands, plus custom commands installed in a git-shell-commands
directory. The vulnerability allowed attackers to potentially run shell commands on the remote server.
As mentioned, Git 2.13 includes many improvements to its UI. In particular, a feature that will be useful to all developers doing work for different projects is the ability to handle multiple identities through conditional configurations. In short, conditional configurations provide a way to include a Git config file based on a set of conditions. For example, you could have the following directives in your ~/.gitconfig
file to customize your Git configuration based on the path of the directory where the repository resides:
[includeIf "gitdir:~/work/"]
path = .gitconfig-work
[includeIf "gitdir:~/play/"]
path = .gitconfig-play
Specifically, this can be used to define different user
and email
in .gitconfig-work
and .gitconfig-play
.
Another feature that almost all developers use and that has got a few touches in Git 2.13 is the handling of paths in Git commands, i.e., pathspecs. For example, if you want to execute a grep on all files of a given type in your repository, you could write:
git grep my_pattern '*.c'
Now, you can also use negative pathspecs, to exclude specific pathspecs from commands, and pathspecs using attributes, which allows to include attributes to the pathspec definition. For example:
git grep text_to_search -- src ':(exclude)*.c'
Other notable improvements include:
git branch
,git tag
, andgit for-each-ref
support now the--no-contains
option, which can be used to select tags or branches that do not contain a given commit, e.g.:git tag -l --no-contains cf5c725 'v[0-9]*' | sort | tail -n 10
The
--no-contains
option can be missed with they already existing--contains
option to, e.g., find branches that were created between two tags:git branch --contains v2.8.0 --no-contains v2.10.0
-
git stash
supports the use of pathspecs to stashing only a part of the current working tree, thus allowing more control on what is to be stashed. -
A number of commands are now submodules aware, including
checkout
,grep
, andls-files
. This means they will recursively traverse your submodules. Additionally,git status --short
reports more information about submodules.
You can read the full release notes to have a more detailed view of what is new in Git 2.13.