From 775cfe8299ea5474f605935469359a9d1cdb49dc Mon Sep 17 00:00:00 2001 From: Sebastian Thiel Date: Thu, 2 Jan 2025 08:20:58 +0100 Subject: [PATCH 1/4] update scripts to allow release (copied from smmap) --- Makefile | 42 +++++++----------------------------------- build-release.sh | 26 ++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 35 deletions(-) create mode 100755 build-release.sh diff --git a/Makefile b/Makefile index a0a2d0e..20436bb 100644 --- a/Makefile +++ b/Makefile @@ -1,40 +1,12 @@ -PYTHON = python3 -SETUP = $(PYTHON) setup.py -TESTFLAGS = +.PHONY: all clean release force_release -all:: +all: @grep -Ee '^[a-z].*:' Makefile | cut -d: -f1 | grep -vF all -release:: clean - # Check if latest tag is the current head we're releasing - echo "Latest tag = $$(git tag | sort -nr | head -n1)" - echo "HEAD SHA = $$(git rev-parse head)" - echo "Latest tag SHA = $$(git tag | sort -nr | head -n1 | xargs git rev-parse)" - @test "$$(git rev-parse head)" = "$$(git tag | sort -nr | head -n1 | xargs git rev-parse)" - make force_release +clean: + rm -rf build/ dist/ .eggs/ .tox/ -force_release:: clean - git push --tags - python3 -m build --sdist --wheel +force_release: clean + ./build-release.sh twine upload dist/* - -doc:: - make -C doc/ html - -build:: - $(SETUP) build - $(SETUP) build_ext -i - -build_ext:: - $(SETUP) build_ext -i - -install:: - $(SETUP) install - -clean:: - $(SETUP) clean --all - rm -f *.so - -coverage:: build - PYTHONPATH=. $(PYTHON) -m pytest --cov=gitdb gitdb - + git push --tags origin master diff --git a/build-release.sh b/build-release.sh new file mode 100755 index 0000000..5840e44 --- /dev/null +++ b/build-release.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# +# This script builds a release. If run in a venv, it auto-installs its tools. +# You may want to run "make release" instead of running this script directly. + +set -eEu + +function release_with() { + $1 -m build --sdist --wheel +} + +if test -n "${VIRTUAL_ENV:-}"; then + deps=(build twine) # Install twine along with build, as we need it later. + echo "Virtual environment detected. Adding packages: ${deps[*]}" + pip install --quiet --upgrade "${deps[@]}" + echo 'Starting the build.' + release_with python +else + function suggest_venv() { + venv_cmd='python -m venv env && source env/bin/activate' + printf "HELP: To avoid this error, use a virtual-env with '%s' instead.\n" "$venv_cmd" + } + trap suggest_venv ERR # This keeps the original exit (error) code. + echo 'Starting the build.' + release_with python3 # Outside a venv, use python3. +fi From 26209528a0303e47c88c174184adbf25d206a824 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sun, 5 Jan 2025 03:21:33 -0500 Subject: [PATCH 2/4] Add SECURITY.md, referencing GitPython's Along with https://github.com/gitpython-developers/smmap/pull/59 and a forthcoming related PR in GitPython, this will fix #116. --- SECURITY.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..95389ff --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,3 @@ +# Security Policy + +See [GitPython](https://github.com/gitpython-developers/GitPython/blob/main/SECURITY.md). Vulnerabilities found in `gitdb` can be reported there. From 4fe56572894f9668c1ffd0808c96aed27c65e584 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 10:38:13 +0000 Subject: [PATCH 3/4] Bump gitdb/ext/smmap from `f31bfa3` to `8f82e6c` Bumps [gitdb/ext/smmap](https://github.com/gitpython-developers/smmap) from `f31bfa3` to `8f82e6c`. - [Release notes](https://github.com/gitpython-developers/smmap/releases) - [Commits](https://github.com/gitpython-developers/smmap/compare/f31bfa378c8840d38d31e7e11ef2b84f191a491e...8f82e6c19661f9b735cc55cc89031a189e408894) --- updated-dependencies: - dependency-name: gitdb/ext/smmap dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- gitdb/ext/smmap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitdb/ext/smmap b/gitdb/ext/smmap index f31bfa3..8f82e6c 160000 --- a/gitdb/ext/smmap +++ b/gitdb/ext/smmap @@ -1 +1 @@ -Subproject commit f31bfa378c8840d38d31e7e11ef2b84f191a491e +Subproject commit 8f82e6c19661f9b735cc55cc89031a189e408894 From b4fd74ce8e28c372c511db2e0a491fa8b67c93f4 Mon Sep 17 00:00:00 2001 From: Eliah Kagan Date: Sun, 26 Jan 2025 11:51:11 -0500 Subject: [PATCH 4/4] Improve description of backoff sequence in db.loose The sequence of backoff wait times used in `gitdb.db.loose` is quadratic rather than exponential, as discussed in: https://github.com/gitpython-developers/gitdb/pull/115#discussion_r1903215598 This corrects the variable name by making it more general, and the comment by having it explicitly describe the backoff as quadratic. This is conceptually related to GitoxideLabs/gitoxide#1815, but this is a non-breaking change, as no interfaces are affected: only a local variable and comment. --- gitdb/db/loose.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gitdb/db/loose.py b/gitdb/db/loose.py index 03d387e..e6765cd 100644 --- a/gitdb/db/loose.py +++ b/gitdb/db/loose.py @@ -230,16 +230,16 @@ def store(self, istream): # end rename only if needed # Ensure rename is actually done and file is stable - # Retry up to 14 times - exponential wait & retry in ms. + # Retry up to 14 times - quadratic wait & retry in ms. # The total maximum wait time is 1000ms, which should be vastly enough for the # OS to return and commit the file to disk. - for exp_backoff_ms in [1, 4, 9, 16, 25, 36, 49, 64, 81, 100, 121, 144, 169, 181]: + for backoff_ms in [1, 4, 9, 16, 25, 36, 49, 64, 81, 100, 121, 144, 169, 181]: with suppress(PermissionError): # make sure its readable for all ! It started out as rw-- tmp file # but needs to be rwrr chmod(obj_path, self.new_objects_mode) break - time.sleep(exp_backoff_ms / 1000.0) + time.sleep(backoff_ms / 1000.0) else: raise PermissionError( "Impossible to apply `chmod` to file {}".format(obj_path)