Bug#1117455: trixie-pu: package dgit/12.16
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: dgit@packages.debian.org
Control: affects -1 + src:dgit
User: release.debian.org@packages.debian.org
Usertags: pu
[ Reason ]
We discovered a big where git-debrebase would use the user's git tree
as if it were a private (temporary) working area.
[ Impact ]
The bug can result in corruption to the user's working tree, and also
strange refs appearing, and possibly overwriting refs the user cares
about.
Symptoms we've actually seen include unwanted changes to working tree
files.
The problem only occurs when "vanilla merges" are present in the
git history. See #1116933.
[ Tests ]
We have a pretty comprehensive test suite which covers most of
git-debrebase. This particular failure mode escaped the existing
tests, because the "vanilla merge" resolution code wasn't presented
with a sufficiently interesting situation.
In this proposed update we add a new test which does trigger the bug.
Additionally, we have other work (in as-yet unmerged branch) to fix
other (not so critical) problems with the merge resolution code. The
tests for those bugs *also* trigger #1116933, and are also fixed by
these changes (in local tests of the same commits when applied to
our forky branch).
[ Risks ]
The biggest risk is that the changes to private temporary playground
area handling break something else, possibly including other
ill-tested code paths.
For this reason we have kept the changes as minimal as we can, while
fixing the bug. The playground handling in git-debrebase is confusing
and we intend to overhaul it for forky, but such changes wouldn't be
appropriate for trixie.
Because fixing the playground reuse during recursion involved possibly
making multiple more directories, we have had to arrange for
git-debrebase to always clear out the whole of its playground on every
invocation. There is risk that this may make git-debrebase more
fragile if it is (invadvisably) called concurrently on the same tree.
(There is not presently any locking; perhaps there should be but
that's not a matter for trixie.)
To try to minimise the risk, I asked Sean Whitton, my co-maintainer,
to review the changes. You can see that review here
https://salsa.debian.org/dgit-team/dgit/-/merge_requests/333
[ Checklist ]
[y] *all* changes are documented in the d/changelog
[y] I reviewed all changes and I approve them
[y] attach debdiff against the package in (old)stable
[y] the issue is verified as fixed in unstable
[ Changes ]
The changes are structured as a patch series, and are available here:
https://salsa.debian.org/dgit-team/dgit/-/merge_requests/336
The main change is
"git-debrebase: use different directory for nested workareas"
and involves keeping track of a stack of directories so that when we
return, we can change back to the place we intended.
[ Other info ]
We bumped the version number of src:dgit to 13.x when forky opened, so
12.x is a stable branch.
Therefore, I am proposing to call this version 12.16.
diff --git a/debian/changelog b/debian/changelog
index 618a35942..3e4757204 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+dgit (12.16) unstable; urgency=medium
+
+ git-debrebase bugfix:
+ * Merge resolution: Fix erroneous use of real git tree as
+ if it were a private working area. Closes: #1116933.
+ * Merge resolution: Fix conflation of different temporary directories.
+ * Clean out all of the temporary playground area on every invocation.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sun, 05 Oct 2025 21:23:23 +0100
+
dgit (12.15) unstable; urgency=medium
git-debpush bugfixes:
diff --git a/git-debrebase b/git-debrebase
index 613af737f..ceb227a9b 100755
--- a/git-debrebase
+++ b/git-debrebase
@@ -120,20 +120,25 @@ sub DS_DEB () { D_DEB_CLOG | D_DEB_OTH; } # debian/ (not patches/)
our $playprefix = 'debrebase';
our $rd;
our $workarea;
+our @workarea_recursion;
our @dgit = qw(dgit);
sub in_workarea ($) {
my ($sub) = @_;
changedir $workarea;
+ push @workarea_recursion, $workarea;
my $r = eval { $sub->(); };
- { local $@; changedir $maindir; }
+ pop @workarea_recursion;
+ my $prev_dir = $workarea_recursion[-1] // $maindir;
+ { local $@; changedir $prev_dir; }
die $@ if $@;
}
sub fresh_workarea (;$) {
my ($subdir) = @_;
$subdir //= 'work';
+ $subdir .= scalar @workarea_recursion;
$workarea = fresh_playground "$playprefix/$subdir";
in_workarea sub { playtree_setup };
}
@@ -3010,7 +3015,8 @@ enabledebug if $debuglevel;
changedir_git_toplevel();
-$rd = fresh_playground "$playprefix/misc";
+fresh_playground "$playprefix";
+$rd = ensure_a_playground "$playprefix/misc";
@opt_anchors = map { git_rev_parse $_ } @opt_anchors;
diff --git a/tests/tests/gdr-merge b/tests/tests/gdr-merge
index 1b8c624ee..07cca1f76 100755
--- a/tests/tests/gdr-merge
+++ b/tests/tests/gdr-merge
@@ -20,6 +20,7 @@ t-git-debrebase quick
git checkout -b other
t-some-changes other '' -other
+t-git-debrebase -funclean-mixed -funclean-ordering make-patches
echo 'other-conflict' >>debian/zorkmid
git commit -m 'other-conflict' debian/zorkmid
Reply to: