Motivation: BouncyCastle serves as 'default' implementation of
the GPG Signer. If a client application does not use it there is no need
to pull in this dependency, especially since BouncyCastle is a large
library.
Move the classes depending on BouncyCastle to an OSGi fragment extending
the org.eclipse.jgit bundle. They are moved to a distinct internal
package in order to avoid split packages. This doesn't break public API
since these classes were already in an internal package before this
change.
Add a new feature org.eclipse.jgit.gpg.bc to enable installation. With
that users can now decide if they want to install it.
Attempts to sign a commit if org.eclipse.jgit.gpg.bc isn't available
will result in ServiceUnavailableException being thrown.
Bug: 559106
Change-Id: I42fd6c00002e17aa9a7be96ae434b538ea86ccf8
Also-by: Michael Dardis <git@md-5.net>
Signed-off-by: Michael Dardis <git@md-5.net>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Change target platforms to Orbit I20200319180910 and regenerate them.
Change package imports to [2.4.0,2.5.0); adapt code to upstream API
changes.
Maven build: update version in root pom.
Bazel build: update version & hash in WORKSPACE file.
Proxy functionality verified manually using 3proxy (HTTP & SOCKS,
with basic authentication) and ssh -vvv -D7020 localhost (SOCKS, no
authentication).
Bug: 561078
Change-Id: I582f6b98055b013c006f2c749890fe6db801cbaa
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Includes "Use now mandatory https protocol for MAVEN_CENTRAL".
Change-Id: I4e83bf9a01f1d2a3bea4ce855709fd33e624fe9a
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Since version 4.13 JUnit has an assertThrows method. Remove the
implementation in MoreAsserts and use the one from JUnit.
CQ: 21439
Change-Id: I086baa94aa3069cebe87c4cbf91ed1534523c6cb
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
- bazlets need to be updated to react on Maven central no longer
supporting http protocol but only https
- update bazel to 2.0
Change-Id: I07f5f050f3b1db2014a5198a28b6bbf893434814
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The recent versions fixed number of defects and added new features: [1].
Use Orbit I20191106190530 until a S-build is available.
[1] https://www.bouncycastle.org/releasenotes.html
Change-Id: I0f2fd3a218ea31f6f6b58b1816af9361e4de54e4
Signed-off-by: David Ostrovsky <d.ostrovsky@gmx.de>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The benchmarks can be built and run using bazel by running:
$ bazel run //org.eclipse.jgit.benchmarks:benchmarks
Change-Id: I6679750eaa0f2be30ed9d45036e013b0ea4fcc86
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: Ie2ee0a978949f9cf70833645132eedf26c3cf1c8
Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
JGit is built from source on Gerrit-CI: the Bazel build
dependencies need to be aligned. On Gerrit master the servlet-api-3_1
is renamed to servlet-api (see [1]): do the same on the JGit master
branch.
In addition, removing the version suffix from dependency rule makes
it much easier to upgrade. The actual reason the for the renaming it
in Gerrit core is upgrade attempt to servlet-api 4.0, done in [2].
[1] https://gerrit-review.googlesource.com/c/gerrit/+/238496
[2] https://gerrit-review.googlesource.com/c/gerrit/+/238383
Change-Id: I63c506da335deef54eb279879e897b427200797b
Signed-off-by: Luca Milanesio <luca.milanesio@gmail.com>
Bazel is still supported in addition to the Bazel wrapper Bazelisk,
that is recommended, as it would automatically switch to the right
Bazel version on stable branches (like it was the case with Buck).
That why minimum used Bazel version check is still needed in WORKSPACE
file in addition to the .bazelversion used by Bazelisk. That means that
currently, bazel version is maintained in two places:
* .bazelversion
* WORKSPACE
This change introduces the repository rule to read the bazel version
from the .bazelversion file and perform the minimum version check.
Change-Id: Ib9c1382935ded7bcd322ed0122838c40ba2faa6c
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Check the bazel version using the checker from bazel_skylib, and
require at least version 0.17.1 which is the minimum version that
does not suffer from the Java API mismatch issue [1].
The implementation is borrowed from the Gerrit project.
[1] https://github.com/bazelbuild/bazel/issues/6027
Change-Id: I224250088a1f5072fcaa3ec81228f4d2cb8cb389
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
The latest revision includes various fixes to allow the build
to work with recent versions of Bazel.
Change-Id: I72c100b99762010946d9b2784286af560bbdf185
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
This is needed to make build tool chain compatible with the latest
Bazel releases.
Change-Id: I9822b5fe5f934457e6069217d687b3cf4764b7b7
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
This is needed to make build tool chain compatible with the latest
Bazel releases.
Change-Id: I9822b5fe5f934457e6069217d687b3cf4764b7b7
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
This update is required for Java 11.
Update
- org.mockito to 2.23.0.v20190527-1420
- net.bytebuddy.byte-buddy to 1.9.0.v20181107-1410
- net.bytebuddy.byte-buddy-agent to 1.9.0.v20181106-1534
CQ: 20214
CQ: 20215
CQ: 20216
See: https://github.com/mockito/mockito/issues/1482
Change-Id: I3ac744f7247c71f01d50f7f409fee5825f3d5295
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Also now use JcaKeyBoxBuilder constructor in
BouncyCastleGpgKeyLocator.readKeyBoxFile(Path).
CQ: 19868
CQ: 19869
CQ: 19870
Change-Id: I45bd80e158aecd90448b0c7e59615db27aaef892
Signed-off-by: Brandon Weeks <bweeks@google.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Name bouncy castle libraries consistently. This also allows to use
local jgit tree as dependency in gerrit.
Change-Id: Ie0a995a70ecee907d25b3cdda9034a25c0290efe
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Update target platforms, maven and bazel builds to use sshd 2.2.0.
Adapt internal classes to changed sshd interfaces and remove previous
work-arounds for asking repeatedly for key passwords and for loading
keys lazily; both are now done by sshd.
CQ: 19034
CQ: 19035
Bug: 541425
Change-Id: I85e1df6ebb8a94953a912d9b2b8a7b5bdfbd608a
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Same version as used in the latest Eclipse platform. Updating the
JGit target platform results in the new JSch version being included
in the JGit feature in the p2 repo, and thus ultimately in the EGit
update site.
CQ: 19588
Bug: 546130
Change-Id: Id7e4318096f6f29dc4573e15542abdf54582af34
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Update
- org.apache.httpcomponents.httpcore to 4.4.10.v20190123-2214
- org.apache.httpcomponents.httpclient.source to 4.5.6.v20190123-2215
- org.bouncycastle.bcpg to 1.60.0.v20181210-2057
- org.bouncycastle.pkix to 1.60.0.v20181210-2057
- org.bouncycastle.prov to 1.60.0.v20181210-2057
Change-Id: I132b6686aa29b2a76cc529f7cae34115604c754d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This also includes a change to generating the jgit CLI jar. Shading is
no longer possible because it breaks the signature of BouncyCastle.
Instead, the Spring Boot Loader Maven plug-in is now used to generate an
executable jar.
Bug: 382212
Change-Id: I35ee3d4b06d9d479475ab2e51b29bed49661bbdc
Also-by: Gunnar Wagenknecht <gunnar@wagenknecht.org>
Signed-off-by: Gunnar Wagenknecht <gunnar@wagenknecht.org>
Signed-off-by: Medha Bhargav Prabhala <mprabhala@salesforce.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Include the net.i2p.crypto.eddsa bundle via a hard dependency.
Add tests for dealing with ed25519 host keys and user key files.
Manual tests: fetching from git.eclipse.org with an ed25519 user key,
and pushing this change itself using the same ed25519 key.
Note that sshd 2.0.0 does not yet support encrypted ed25519 private
keys.
Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
to consume fix for vulnerability [1] in Apache commons compress which is
fixed in version 1.18.
[1] https://nvd.nist.gov/vuln/detail/CVE-2018-1324
CQ: 18320
Change-Id: I39b1d815e5b8e0208600afafe7a72bb603d04fb8
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The new dependency to mockito for JDKHttpConnectionTest wasn't added for
bazel test run.
Change-Id: Ie967b7152340a0b3e05cced7eadfd40af78d9995
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Avoid loading versions from @bazel_skylib//:lib.bzl, because it is now
deprecated and is going to be removed in future skylib versions:
https://github.com/bazelbuild/bazel-skylib/blob/master/lib.bzl#L17
Change-Id: Ie722351de5254f611cf3489c8689922c8346af7f
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Add a simple ssh git server based on Apache MINA sshd, and use it
in new tests that verify ssh operations and in particular a number
of bugs that had cropped up over time in JSch.
The git server supports fetching only, and sftp access.
The tests are all in an abstract base class; the concrete JschSshTest
class only provides ssh-specific test setup. So the same tests could
be run easily also with some other ssh client.
Bug: 520927
Change-Id: Ide6687b717fb497a29fc83f22b07390a26dfce1d
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Also replace native git_repository rule with Starlark rule. This is
needed because in recent Bazel versions native git_repository rule
is deprecated.
Change-Id: I2c19fd31693a930d7d35fdbb93bfa4abf21fa2aa
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Check the bazel version using the checker from bazel_skylib, and
require at least version 0.17.1 which is the minimum version that
does not suffer from the Java API mismatch issue [1].
The implementation is borrowed from the Gerrit project.
[1] https://github.com/bazelbuild/bazel/issues/6027
Change-Id: I224250088a1f5072fcaa3ec81228f4d2cb8cb389
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Recent Bazel versions support the hyphen character in external
repository names. On the Gerrit project, the repository names
were harmonized to consistently use hyphen.
As a side effect, it is no longer possible to build jgit from source
in the gerrit tree, due to the different repository names.
Rename the dependencies to use hyphens, consistent with gerrit.
Change-Id: Ideebd858ddd3f0e6f765643001642dfb6c12441f
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Recent Bazel versions support the hyphen character in external
repository names. On the Gerrit project, the repository names
were harmonized to consistently use hyphen.
As a side effect, it is no longer possible to build jgit from source
in the gerrit tree, due to the different repository names.
Rename the dependencies to use hyphens, consistent with gerrit.
Change-Id: Ideebd858ddd3f0e6f765643001642dfb6c12441f
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Update
- jsch to 0.1.54
- httpclient to 4.5.5
- httpcore to 4.4.9
- commons-codec to 1.10
- commons-logging to 1.2
- junit to 4.12
Change-Id: I84eeb8dd786e68dd03079ae2c2aef5d7286dfb56
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>