Git 2.48 introduces new build system and accelerates SHA-1 internally
With Meson, a new build system can be used in Git 2.48 that offers a simple syntax and is available for many IDEs.
In version 2.48, the version control system Git introduces Meson, a new build system, improves security in some areas and brings a few new commands. In future, developers will be able to use Meson alongside Make, CMake and Autoconf. It offers a number of advantages: build options are easier to find, the syntax is simpler than that of its predecessors, it offers modern build functions, and it supports various operating systems, compilers and IDEs.
One practical tool, for example, is the meson configure command, which allows users to view or change a configuration within a build directory. And meson setup <build_dir> sets up multiple build directories. Further information can be found in the meson.build file in the Git repository. The old Make system was getting on in years: 2000 commits have contributed to the current Makefile and the build script consists of 4000 lines of code.
Fewer memory leaks for a new library
In terms of security, the Git team endeavored to eliminate all memory leaks. Because Git runs as a command-line tool, the leaks do not pose a major problem: the kernel quickly reclaims the unreleased memory. However, the aim of the Git team is to port parts of the version control system to a library, where leaks are a more serious problem. All known leaks have now been plugged and Git 2.48 has passed the relevant tests without any errors.
The collision-free use of SHA-1 is only marginally a security issue. Git uses this hash algorithm internally, for example when packing, and performs a few extra rounds of calculation to ensure data integrity, which SHA-1 on its own does not guarantee in some cases. Users who want to do without these extra calculations for performance reasons can force this at build time with make OPENSSL_SHA1_UNSAFE=1. SHA-256 can only be set at the level of the user's repository, with git init --object-format=sha256 repo. SHA-256 has fewer collision problems.
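To make the internal uses of the hash concrete, the following added example (not from the article or the Git project) computes a blob's object name under both object formats and builds and checks the SHA-1 trailer of a minimal pack. It follows Git's documented object and pack formats; the function names and the sample blobs are constructed for illustration.

```python
import hashlib
import struct
import zlib

def object_id(content: bytes, fmt: str = "sha1", kind: str = "blob") -> str:
    """Object name: hash over the header '<kind> <size>' + NUL, then the content."""
    h = hashlib.new(fmt)  # "sha1" or "sha256", matching --object-format
    h.update(f"{kind} {len(content)}".encode() + b"\0" + content)
    return h.hexdigest()

def build_pack(blobs) -> bytes:
    """Minimal version-2 pack of undeltified blobs, ending in a SHA-1 trailer."""
    out = b"PACK" + struct.pack(">II", 2, len(blobs))
    for data in blobs:
        size = len(data)
        byte = (3 << 4) | (size & 0x0F)   # object type 3 = blob, low 4 size bits
        size >>= 4
        header = bytearray()
        while size:                       # remaining size, 7 bits per byte
            header.append(byte | 0x80)    # MSB set: another size byte follows
            byte = size & 0x7F
            size >>= 7
        header.append(byte)
        out += bytes(header) + zlib.compress(data)
    # Trailer: checksum over everything written so far (SHA-1 object format).
    return out + hashlib.sha1(out).digest()

def pack_trailer_ok(pack: bytes) -> bool:
    """Recompute the trailing checksum, as a reader does to detect corruption."""
    body, trailer = pack[:-20], pack[-20:]
    return body[:4] == b"PACK" and hashlib.sha1(body).digest() == trailer

if __name__ == "__main__":
    blob = b"hello\n"                     # constructed sample content
    print("sha1   id:", object_id(blob, "sha1"))
    print("sha256 id:", object_id(blob, "sha256"))
    pack = build_pack([blob, b"x" * 300])
    print("trailer ok:", pack_trailer_ok(pack))
    damaged = bytearray(pack)
    damaged[14] ^= 0x01                   # flip one bit inside the first entry
    print("after bit flip:", pack_trailer_ok(bytes(damaged)))
```

The object name identifies content and therefore depends on collision resistance, while the pack trailer only has to reveal that the bytes changed in storage or transit.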
Further innovations: The --remerge-diff option can now be used with the range-diff command to make merge commits visible after a rebase. The relatively new reftable subsystem has been accelerated by separating convenience APIs and reusing iterators when accessing references.
Further details can be found in the official announcement and the blogs of GitHub and GitLab.
(who)