./devel/py-dulwich, Python implementation of Git



Branch: CURRENT, Version: 1.2.5, Package name: py313-dulwich-1.2.5, Maintainer: pkgsrc-users

Dulwich is a Python implementation of the Git file formats and protocols.
It provides a standalone implementation that doesn't depend on the
presence of Git itself.


Required to run:
[devel/py-setuptools] [www/py-urllib3] [security/py-certifi] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Filesize: 1223.857 KB

CVS history:


   2026-05-29 12:17:51 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-dulwich: updated to 1.2.5

1.2.5   2026-05-28

* SECURITY(GHSA-gfhv-vqv2-4544): Validate submodule paths in
  ``porcelain.submodule_update`` (and thus
  ``porcelain.clone(recurse_submodules=True)``). A crafted upstream
  repository could carry a submodule whose path was ``.git/hooks`` (or
  any other path inside ``.git`` or above the work tree), causing the
  submodule's tree contents to be written there with their executable
  bits intact -- dropping a hook that later commands would run. Submodule
  paths are now rejected if they are absolute or carry a component that
  the configured path validator refuses, and the submodule's own tree is
  materialized with the same validator. This is the dulwich analogue of git's
  CVE-2024-32002 / CVE-2024-32004.
  (Jelmer Vernooij; reported by tonghuaroot)

* SECURITY(CVE-2026-42305): Harden tree path validation against entry
  names that are harmless on POSIX but dangerous when checked out on
  Windows. A crafted tree could previously carry such names through to
  the work tree. ``validate_path_element_ntfs`` now also rejects:

  - Windows path separators, so an entry named
    ``.git\hooks\pre-commit.exe`` can no longer materialize a file
    inside ``.git`` that Git for Windows would execute.
  - The alternate data stream marker ``:`` (e.g.
    ``.git::$INDEX_ALLOCATION``, which writes into ``.git`` directly).
  - NTFS 8.3 short-name aliases of ``.git`` (``git~<digits>``); only
    ``git~1`` was rejected before.
  - Reserved Windows device names (``CON``, ``PRN``, ``AUX``, ``NUL``,
    ``COM1``-``COM9``, ``LPT1``-``LPT9``), including with an extension or
    trailing dots/spaces such as ``NUL.txt`` or ``COM1 .bar``.

  In addition, ``core.protectNTFS`` now defaults to true on every
  platform (matching git after CVE-2019-1353), so a POSIX clone no longer
  accepts paths that would be unsafe on a later Windows clone, and both
  ``core.protectNTFS`` and ``core.protectHFS`` are now read under their
  correct option names, having previously been silently ignored. POSIX
  users who need literal NTFS-unsafe filenames can opt out with
  ``core.protectNTFS=false``.
  (Jelmer Vernooij; reported by Christopher Toth)
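The two entries above (submodule path validation, and the NTFS-specific element rules) both come down to one validator applied to every path component. The following is an added example written for this page, not dulwich's own implementation: it encodes the NTFS rules exactly as the entry lists them (backslash, ``:``, ``git~<digits>`` aliases, reserved device names with extensions or trailing dots/spaces) and then reuses that validator to reject submodule paths that are absolute or carry a refused component. The function names echo the changelog's wording but are this example's own.

```python
import re

# Added example, not dulwich's own code: a path-element validator that applies
# the NTFS rules listed above, plus a submodule-path check built on top of it.
# Function names mirror the changelog's wording but are this example's own.

_WINDOWS_DEVICES = (
    {b"CON", b"PRN", b"AUX", b"NUL"}
    | {b"COM" + str(i).encode() for i in range(1, 10)}
    | {b"LPT" + str(i).encode() for i in range(1, 10)}
)
# NTFS 8.3 short-name aliases of .git: GIT~1, git~2, ... (any digit run)
_GIT_SHORTNAME = re.compile(rb"^git~[0-9]+$", re.IGNORECASE)


def validate_path_element_default(element: bytes) -> bool:
    """Rules every platform needs: no empty/dot/dotdot component, no NUL, no .git."""
    if element in (b"", b".", b"..") or b"\x00" in element:
        return False
    return element.lower() != b".git"


def validate_path_element_ntfs(element: bytes) -> bool:
    """Default rules plus the ones that only bite when checked out on Windows."""
    if not validate_path_element_default(element):
        return False
    if b"\\" in element:        # backslash is a path separator on Windows
        return False
    if b":" in element:         # alternate data stream marker (and drive letters)
        return False
    # NTFS silently drops trailing dots and spaces when creating a file, so
    # ".git. " becomes ".git"; compare after stripping them.
    stripped = element.rstrip(b". ")
    if stripped.lower() == b".git" or _GIT_SHORTNAME.match(stripped):
        return False
    # Reserved device names match on the stem before the first dot, after the
    # same trailing-dot/space stripping ("NUL.txt", "COM1 .bar").
    stem = stripped.split(b".", 1)[0].rstrip(b". ").upper()
    return stem not in _WINDOWS_DEVICES


def validate_submodule_path(path: bytes, validator=validate_path_element_ntfs) -> bool:
    """Reject submodule paths that could escape the work tree or land inside .git.

    Absolute paths (POSIX or Windows) are refused outright; every component is
    then run through the element validator, which also catches '..', '.git'
    and empty components from doubled separators.
    """
    if path.startswith((b"/", b"\\")) or re.match(rb"^[A-Za-z]:", path):
        return False
    components = re.split(rb"[/\\]", path)
    return all(validator(c) for c in components)


if __name__ == "__main__":
    for p in (b"vendor/libfoo", b".git/hooks", b"../outside", b"lib/GIT~1/x"):
        print(p.decode(), "->", "ok" if validate_submodule_path(p) else "REJECTED")
```

The same validator has to run on the submodule's own tree when it is materialized, otherwise a clean submodule path still lets a hostile tree entry inside it reach ``.git``. Splitting on both separators is what makes ``.git\hooks\pre-commit.exe`` fail on POSIX as well as on Windows, which is the point of defaulting ``core.protectNTFS`` on everywhere.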

* SECURITY (CVE-2026-42563): Shell-quote values substituted into
  ``ProcessMergeDriver`` commands. ``%P`` is a path from the git
  tree, so a malicious branch could inject shell commands when the
  user had a merge driver configured that referenced ``%P``.
  (Jelmer Vernooij; reported by Ravishanker Kusuma (hayageek))
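Git documents merge drivers as shell command lines with ``%O``, ``%A``, ``%B``, ``%L`` and ``%P`` placeholders, and ``%P`` is whatever path the other branch's tree carries. The block below is an added example, not dulwich's code: it renders the same template with and without ``shlex.quote`` and word-splits both results so the difference is visible. The template, the stand-in ``merge-tool`` command and the hostile path are constructed for the example.

```python
import re
import shlex
import subprocess

# Added example, not dulwich's own code. %O/%A/%B/%L/%P are the placeholders git
# documents for merge drivers; the driver line is run through the shell, so the
# substituted values, not the template, are what a hostile branch controls.
_PLACEHOLDER = re.compile(r"%([OABLP])")


def render_merge_driver(template: str, values: dict, quote: bool = True) -> str:
    """Substitute placeholders in a single pass.

    quote=False reproduces the pre-fix behaviour (raw interpolation).
    quote=True wraps every value in shlex.quote so it is one shell word no
    matter what it contains. A single re.sub pass also means a value that
    itself contains "%P" is never expanded a second time.
    """
    def replace(match: re.Match) -> str:
        value = values[match.group(1)]
        return shlex.quote(value) if quote else value
    return _PLACEHOLDER.sub(replace, template)


def shell_words(command: str) -> list:
    """Word-split the way a POSIX shell would before executing (operators aside)."""
    return shlex.split(command)


# Constructed sample: a path taken from the tree of a malicious branch.
DRIVER_TEMPLATE = "merge-tool %O %A %B %L %P"
MERGE_VALUES = {
    "O": ".merge_file_base",
    "A": ".merge_file_ours",
    "B": ".merge_file_theirs",
    "L": "7",
    "P": "docs/README; touch /tmp/pwned #",
}

if __name__ == "__main__":
    unsafe = render_merge_driver(DRIVER_TEMPLATE, MERGE_VALUES, quote=False)
    safe = render_merge_driver(DRIVER_TEMPLATE, MERGE_VALUES)
    print("unsafe:", unsafe)   # 'touch /tmp/pwned' would run if handed to sh -c
    print("safe:  ", safe)
    # Run the quoted form through a real shell with a printf stand-in for the
    # driver: every placeholder arrives as exactly one argv element.
    demo = render_merge_driver("printf '[%s]\\n' %O %A %B %L %P", MERGE_VALUES)
    subprocess.run(["sh", "-c", demo], check=True)
```

``shlex.split`` does not interpret ``;`` as a command separator, so the unquoted form shows up as four extra words rather than a second command; under ``sh -c`` it is a second command. Quoting is the right fix here rather than switching to an argv list, because git itself runs merge drivers through the shell and users write the driver line expecting shell syntax.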

* SECURITY(CVE-2026-47712): Sanitize commit subjects used in
  ``porcelain.format_patch`` filenames so a malicious subject (e.g.
  ``x/../../x``) cannot direct the generated patch outside ``outdir``.
  ``get_summary`` now matches git's ``format_sanitized_subject``.
  (Jelmer Vernooij; reported by Christopher Toth)
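Git's ``format_sanitized_subject`` keeps only ASCII alphanumerics, ``.`` and ``_``, collapses any other run into a single ``-``, squeezes repeated dots, and trims trailing ``.``/``-``; a ``/`` therefore never survives into the filename. The following is an added example, not dulwich's code: a port of that routine as this editor reads git's ``pretty.c``, plus filename construction that truncates to git's default 64-character ``format.filenameMaxLength`` (the exact budget split is this example's) and a final containment check against ``outdir``.

```python
import os

# Added example, not dulwich's own code: a port of git's format_sanitized_subject
# (pretty.c) as this editor reads it, followed by the filename construction
# with an explicit containment check on outdir. Names are this example's own.

PATCH_NAME_MAX = 64          # git's default format.filenameMaxLength
PATCH_SUFFIX = ".patch"


def _is_title_char(ch: str) -> bool:
    """git's istitlechar: ASCII alphanumerics, '.' and '_' survive unchanged."""
    return (ch.isascii() and ch.isalnum()) or ch in "._"


def sanitize_subject(subject: str) -> str:
    out = []
    space = 2     # 2 = nothing emitted yet, so leading separators produce no '-'
    i, n = 0, len(subject)
    while i < n:
        ch = subject[i]
        if ch == "\n":
            break
        if _is_title_char(ch):
            if space == 1:
                out.append("-")
            space = 0
            out.append(ch)
            if ch == ".":           # collapse runs of dots: "x.." -> "x."
                while i + 1 < n and subject[i + 1] == ".":
                    i += 1
        else:
            space |= 1              # any run of other characters becomes one '-'
        i += 1
    return "".join(out).rstrip(".-")


def patch_basename(number: int, subject: str) -> str:
    """NNNN-<sanitized subject>.patch, kept within PATCH_NAME_MAX characters."""
    prefix = f"{number:04d}-"
    budget = PATCH_NAME_MAX - len(prefix) - len(PATCH_SUFFIX)
    return prefix + sanitize_subject(subject)[:budget] + PATCH_SUFFIX


def patch_filename(outdir: str, number: int, subject: str) -> str:
    """Join outdir and the basename, refusing anything that resolves outside outdir."""
    path = os.path.join(outdir, patch_basename(number, subject))
    # Belt and braces: even a wrong sanitizer must not write outside outdir.
    root = os.path.realpath(outdir)
    if os.path.commonpath([root, os.path.realpath(path)]) != root:
        raise ValueError(f"patch path {path!r} escapes {outdir!r}")
    return path


if __name__ == "__main__":
    for subject in ("x/../../x", "Fix: handle  trailing spaces...", "../../etc/passwd"):
        print(repr(subject), "->", patch_filename("out", 1, subject))
```

The ``realpath``/``commonpath`` check costs nothing and catches the class of bug (a sanitizer that misses one separator) rather than the one instance; it is the check to keep even once the sanitizer matches git byte for byte.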

* SECURITY: Honour ``receive.maxInputSize`` in
  ``ReceivePackHandler``. Previously a remote unauthenticated client
  could send a tiny crafted pack (~174 bytes) that declared a huge
  ``dest_size`` in its delta header and trigger hundreds of MB of
  allocation in ``apply_delta`` / ``add_thin_pack``, exhausting
  server memory over ``git-receive-pack``. ``add_thin_pack`` now
  accepts a ``max_input_size`` keyword (in bytes, ``0`` / ``None`` =
  unlimited, matching git's semantics) and ``ReceivePackHandler``
  reads ``receive.maxInputSize`` from the repository config and
  passes it through. Exceeding the cap raises ``PackInputTooLarge``.
  (Jelmer Vernooij; Reported by Liyi, Ziyue, Strick, Maurice and Chenchen @
  University of Sydney)
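A git delta starts with two base-128 varints, the source size and the result size, and a decoder that sizes its output buffer from the second one before reading any instruction trusts an attacker-supplied number. The block below is an added example, not dulwich's code: a minimal delta decoder that checks the declared result size against a cap (``0``/``None`` meaning unlimited, as the entry says git's ``receive.maxInputSize`` does) before allocating, exercised with a constructed good delta and a constructed eight-byte delta claiming 500 MiB. ``DeltaTooLarge`` and ``delta_within_limit`` are this example's names; the entry says dulwich raises ``PackInputTooLarge``.

```python
# Added example, not dulwich's own code: a minimal git delta decoder that checks
# the declared result size against a cap before doing any work. DeltaTooLarge and
# delta_within_limit are this example's names for the behaviour the entry
# describes (dulwich raises PackInputTooLarge from add_thin_pack).


class DeltaTooLarge(Exception):
    pass


def _read_varint(data: bytes, pos: int):
    """Git's little-endian base-128 varint: 7 payload bits per byte, MSB = more."""
    value, shift = 0, 0
    while True:
        byte = data[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            return value, pos


def _write_varint(n: int) -> bytes:
    out = bytearray()
    while True:
        byte, n = n & 0x7F, n >> 7
        if n:
            out.append(byte | 0x80)
        else:
            out.append(byte)
            return bytes(out)


def parse_delta_header(delta: bytes):
    """Return (source_size, dest_size, offset_of_first_instruction)."""
    src, pos = _read_varint(delta, 0)
    dst, pos = _read_varint(delta, pos)
    return src, dst, pos


def delta_within_limit(delta: bytes, max_input_size) -> bool:
    """0 / None means unlimited, matching git's receive.maxInputSize semantics."""
    _, dst, _ = parse_delta_header(delta)
    return not max_input_size or dst <= max_input_size


def apply_delta(base: bytes, delta: bytes, max_input_size=None) -> bytes:
    src, dst, pos = parse_delta_header(delta)
    if not delta_within_limit(delta, max_input_size):
        raise DeltaTooLarge(f"delta declares {dst} bytes, cap is {max_input_size}")
    if src != len(base):
        raise ValueError("delta source size does not match base object")
    # Only after the cap check is it safe to size anything from dst; an
    # implementation that preallocates dst bytes from the raw header is the
    # memory-exhaustion path the entry describes.
    out = bytearray()
    while pos < len(delta):
        op = delta[pos]
        pos += 1
        if op & 0x80:                       # copy from base: offset/size bit-flags
            offset = size = 0
            for i in range(4):
                if op & (1 << i):
                    offset |= delta[pos] << (8 * i)
                    pos += 1
            for i in range(3):
                if op & (1 << (4 + i)):
                    size |= delta[pos] << (8 * i)
                    pos += 1
            if size == 0:
                size = 0x10000
            if offset + size > len(base):
                raise ValueError("copy instruction reads past base object")
            out += base[offset:offset + size]
        elif op:                            # insert the next `op` literal bytes
            out += delta[pos:pos + op]
            pos += op
        else:
            raise ValueError("reserved delta opcode 0")
    if len(out) != dst:
        raise ValueError("delta produced wrong number of bytes")
    return bytes(out)


# Constructed samples. GOOD_DELTA turns b"hello world" into b"hello there":
# copy 6 bytes at offset 0 (opcode 0x90 = copy, one size byte), then insert 5.
GOOD_DELTA = _write_varint(11) + _write_varint(11) + b"\x90\x06" + b"\x05there"
# CRAFTED_DELTA is eight bytes that claim a 500 MiB result.
CRAFTED_DELTA = _write_varint(11) + _write_varint(500 * 1024 * 1024) + b"\x01A"

if __name__ == "__main__":
    print(apply_delta(b"hello world", GOOD_DELTA))
    try:
        apply_delta(b"hello world", CRAFTED_DELTA, max_input_size=100 * 1024 * 1024)
    except DeltaTooLarge as exc:
        print("rejected:", exc)
```

The cap belongs at the header, not at the output: by the time ``len(out) != dst`` fires, a preallocating decoder has already paid for the allocation. On the server side the same number should also bound the total bytes read from the client, which is what ``receive.maxInputSize`` does in git.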
   2026-05-25 12:14:34 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-dulwich: updated to 1.2.4

1.2.4   2026-05-21

* Tolerate ref names with empty path components (e.g. ``refs/tags//v1.0``)
  for now, emitting a ``DeprecationWarning`` rather than raising a
  ``RefFormatError``. Such names are constructed by older Poetry releases
  (fixed in Poetry 2.4.0) and were silently accepted before Dulwich 1.2.3.
  ``local_branch_name``, ``local_tag_name`` and ``local_replace_name``
  likewise warn about, and strip, a leading slash instead of raising
  ``ValueError``. Both will become errors again in a future release.
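Git's ``check-ref-format`` rules are small enough to write down, and the entry above is about which one of them (empty components from a doubled ``/``) is downgraded to a warning. The block below is an added example, not dulwich's code: a ref-name checker that reports hard violations separately from deprecations, so ``refs/tags//v1.0`` is returned unchanged with a ``DeprecationWarning`` while ``refs/heads/a..b`` still raises. ``RefFormatError`` is reused from the entry; ``ref_name_problems`` and ``check_ref_format`` are this example's names.

```python
import re
import warnings

# Added example, not dulwich's own code: git's check-ref-format rules, with
# empty path components downgraded from an error to a DeprecationWarning as the
# changelog entry above describes. Function names are this example's own.

# ASCII control characters, space, DEL, and ~ ^ : ? * [ \
_BAD_CHARS = re.compile(rb"[\x00-\x20\x7f~^:?*\[\\]")


class RefFormatError(ValueError):
    pass


def ref_name_problems(name: bytes):
    """Return (errors, deprecations) for a full ref name such as b'refs/tags/v1.0'."""
    errors, deprecations = [], []
    if not name:
        errors.append("empty ref name")
    if name == b"@":
        errors.append("ref name cannot be the single character '@'")
    if _BAD_CHARS.search(name):
        errors.append("control character, space or one of ~ ^ : ? * [ \\")
    if b".." in name:
        errors.append("contains '..'")
    if b"@{" in name:
        errors.append("contains '@{'")
    if name.startswith(b"/") or name.endswith(b"/"):
        errors.append("begins or ends with '/'")
    if name.endswith(b"."):
        errors.append("ends with '.'")
    components = name.split(b"/")
    for i, component in enumerate(components):
        if component == b"":
            # Interior empty component, i.e. a doubled '/': tolerated for now.
            if 0 < i < len(components) - 1:
                deprecations.append("empty path component (doubled '/') is deprecated")
            continue
        if component.startswith(b"."):
            errors.append(f"component {component!r} begins with '.'")
        if component.endswith(b".lock"):
            errors.append(f"component {component!r} ends with '.lock'")
    return errors, deprecations


def check_ref_format(name: bytes) -> bytes:
    """Raise RefFormatError for hard violations; warn (and keep) tolerated ones."""
    errors, deprecations = ref_name_problems(name)
    if errors:
        raise RefFormatError(f"{name!r}: " + "; ".join(errors))
    for message in deprecations:
        warnings.warn(f"{name!r}: {message}", DeprecationWarning, stacklevel=2)
    return name      # returned unchanged; a later release will reject it


if __name__ == "__main__":
    warnings.simplefilter("always")
    print(check_ref_format(b"refs/tags//v1.0"))
    try:
        check_ref_format(b"refs/heads/a..b")
    except RefFormatError as exc:
        print("rejected:", exc)
```

Keeping the two lists apart is what lets the tolerance be removed later by moving one append from ``deprecations`` to ``errors``; callers that want to be strict today can treat a non-empty deprecation list as an error themselves.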
   2026-05-05 07:00:18 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-dulwich: updated to 1.2.1

1.2.1   2026-04-29

* Derive the LFS endpoint as the remote's on-disk LFS store
  (``<remote>/.git/lfs`` for worktrees, ``<remote>/lfs`` for bare repos)
  when ``remote.origin.url`` points at a local filesystem path or
  ``file://`` URL, matching git-lfs behaviour. Previously the built-in
  smudge filter constructed an HTTP-style ``<remote>.git/info/lfs`` path
  that did not exist on disk, leaving LFS-tracked files as pointers when
  cloning from a local repo.

* Deduplicate objects when writing a multi-pack-index. Objects present
  in multiple packs (e.g. after ``git gc`` creates a cruft pack) would
  otherwise produce an OIDL chunk with repeated SHAs, causing ``git
  multi-pack-index verify`` to fail with "oid lookup out of order".

* Extend ignorecase and precomposeunicode support to index lookups.
   2026-04-24 13:07:18 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-dulwich: updated to 1.2.0

1.2.0   2026-04-21

* Expand ``log`` command options: add ``--oneline``, ``--abbrev-commit``,
  ``--author``, ``--committer``, ``--grep``, ``--since``/``--after``,
  ``--until``/``--before``, ``-n``/``--max-count``, ``--no-merges``,
  ``--merges``, ``--stat``, ``-p``/``--patch``, ``--name-only``,
  and ``--follow``.

* Add ``am`` command and ``porcelain.am()`` for applying mailbox-style
  email patches (``git am``), with state persistence for
  ``--continue``, ``--skip``, ``--abort``, and ``--quit`` recovery
  operations.

* Add support for ``extensions.relativeworktrees`` repository extension,
  allowing Git worktrees to use relative paths instead of absolute paths
  when linking worktrees.

* Add support for push options (``-o``/``--push-option``) in the ``push``
  command and ``porcelain.push()``, enabling AGit flow and other server-side
  push option workflows.

* Add missing push options: ``--all``, ``--tags``, ``--delete``,
  ``--dry-run``, ``--prune``, ``--set-upstream``, ``--follow-tags``,
  and ``--mirror``.

* Add support for atomic push operations (``--atomic``). When enabled,
  either all ref updates succeed or none are applied. Both client and
  server now negotiate the ``atomic`` capability.

* Add ``apply`` command and ``porcelain.apply_patch()`` for applying
  unified diffs, including support for rename/copy detection, binary patches
  with Git's base85 encoding, and ``--3way`` merge fallback when patches
  don't apply cleanly.

* Add support for ``gc.pruneExpire`` configuration option, which controls
  the grace period before unreachable objects are pruned during garbage
  collection.

* Add support for ``core.precomposeunicode`` configuration option
  for normalizing NFD Unicode paths from macOS filesystems to NFC
  form.

* Add support for ``core.gitProxy`` configuration option, which
  specifies a proxy command for Git protocol (``git://``) connections.

* Add support for ``core.maxStat`` configuration option, which limits
  the number of stat operations performed when checking for unstaged
  changes. This improves performance on slow filesystems or very large
  repositories.

* Add support for ``core.packedGitLimit`` configuration option, which
  limits the total memory used for mmapped pack files. When exceeded,
  least-recently-used packs are closed to free memory.

* Add support for ``core.deltaBaseCacheLimit`` configuration option, which
  limits the memory used for caching delta base objects during pack
  unpacking. Defaults to 96 MiB, matching Git's default.

* Fix GPG signature verification to raise ``BadSignature`` for all
  GPG errors, not just ``BadSignatures``. Also detect the case where
  GPG returns no signatures at all.

* Fix client incorrectly sending ``unborn`` argument in Git protocol v2
  ``ls-refs`` requests to servers that advertise ``ls-refs`` capability
  without explicitly advertising ``ls-refs=unborn`` support, preventing
  clones from older servers like Gerrit 3.12.2.

* Improve error message in ``read_info_refs()`` to show the actual line
  content when parsing fails, making it easier to diagnose issues with
  malformed server responses.

* HTTP client respects ``http.userAgent`` configuration for customizing the
  User-Agent header. Supports both global and URL-specific settings. The
  default User-Agent is ``git/dulwich/{version}``.

* Preserve quoted trailing whitespace in config values. Previously, spaces
  and tabs inside quoted config values were discarded during parsing.

* Fix ``.gitignore`` parent re-include handling so that a later ``!dir/``
  re-include allows a subsequent file-level negation to take effect.

* No longer ship ``contrib/`` as part of the distribution. The ``contrib/``
  directory has always been documented as unsupported and is now excluded
  from the installed package.

* Fix host key verification in ``contrib/paramiko_vendor.py`` by loading
  known hosts and rejecting unknown SSH host keys by default.
   2026-02-25 15:41:34 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-dulwich: updated to 1.1.0

1.1.0   2026-02-17

* Add support for ``core.commentChar`` configuration option in commit message
  templates.

* Add basic support for subtrees.

* Implement server-side Git hooks (pre-receive, update, post-receive) in
  ``ReceivePackHandler``. Pre-receive hooks can abort entire pushes, update
  hooks can decline individual ref updates, and post-receive hooks run after
  successful pushes. Hook output is sent to clients via sideband channels.

* Report progress during pack file downloads. Dulwich now displays real-time
  transfer progress (bytes received, transfer speed) when cloning or fetching
  repositories, matching Git's behavior.

* Add client-side support for Git protocol v2 ``packfile-uris`` capability,
  allowing servers to offload packfile distribution to CDNs or external
  storage. Includes hash verification before writing to repository to prevent
  data corruption.

* Add bundle URI support for faster clones and fetches. The new
  ``dulwich.bundle_uri`` module implements the Git bundle URI specification,
  allowing clients to download pre-computed bundles from HTTP(S) URLs to
  bootstrap repository data before fetching remaining objects.

* Add ``--unshallow`` support to ``fetch`` command, allowing conversion of
  shallow repositories to complete ones by fetching all missing history.

* Support ``GIT_TRACE_PACKET`` in ``dulwich.cli``.

* Fix ``porcelain.checkout`` incorrectly skipping files whose paths start
  with ``.git`` (such as ``.github/``, ``.gitignore``, ``.gitattributes``)
  during working tree and index updates, leaving staged changes after a
  clean checkout.

* Fix cloning of SHA-256 repositories by including ``object-format`` and
  ``agent`` capabilities in Git protocol v2 ``ls-refs`` and ``fetch``
  commands.
   2026-02-05 11:13:03 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-dulwich: updated to 1.0.0

1.0.0   2026-01-17

 * Release of 1.0!

   From here on, Dulwich will not break backwards compatibility until 2.0 -
   although we may print ``DeprecationWarning`` when using deprecated
   functionality.

   Micro releases (1.x.y) will be reserved for important bugfixes.

   Major releases (1.x.0) will introduce new features and functionality,
   without breaking backwards compatibility.
   2026-01-14 14:10:18 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-dulwich: updated to 0.25.2

0.25.2  2026-01-11

 * Fix test failure when GPG raises ``InvalidSigners`` instead of
   ``GPGMEError`` on systems without usable secret keys.

 * Object store ``close()`` methods can now be called multiple times safely.
   Object stores now raise ``ResourceWarning`` when destroyed with unclosed
   resources. (Jelmer Vernooij)
   2026-01-09 07:06:45 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-dulwich: updated to 0.25.1

0.25.1  2026-01-08

* Add signature vendor system for signing and verifying Git objects.
  Supports GPG, SSH signatures, and X.509 certificates.

* Add support for partial clone with object filtering.

* Fix sparse pattern matching in worktree operations.

* ``dulwich.porcelain.status`` now returns regular strings.

* Fix AssertionError when accessing ref names with length matching binary
  hash length (e.g., 32 bytes for SHA-256).

* Fix commit graph parsing failure when processing commits with 3+ parents
  (octopus merges) with incomplete EXTRA_EDGE_LIST chunk data.

* Add ``parse_commit_broken`` function to parse broken commits.

* Add basic ``dulwich.aiohttp`` module that provides
  server support.

* Add callback-based authentication support for HTTP and proxy authentication
  in ``Urllib3HttpGitClient``. This allows applications to handle
  authentication dynamically without intercepting exceptions. Callbacks
  receive the authentication scheme information (via WWW-Authenticate or
  Proxy-Authenticate headers) and can provide credentials or cancel.