From 6774bc1118ca114d536f94db34d671c6699c4284 Mon Sep 17 00:00:00 2001
From: bors <bors@rust-lang.org>
Date: Sat, 12 Nov 2022 20:31:11 +0000
Subject: [PATCH 1/3] Auto merge of #11366 - ehuss:fix-safe-directory, r=epage

Fix git2 safe-directory disable

The call to `set_verify_owner_validation` was not getting called unless a network configuration was found. This means in the common case that `cargo new` will fail when there is a safe-directory error. This fixes the issue by making sure that `set_verify_owner_validation` is called before the early-exits in `init_git_transports`.

Fixes #11365
---
 src/bin/cargo/cli.rs  |  2 +-
 src/bin/cargo/main.rs | 55 +++++++++++++++++++++++++------------------
 2 files changed, 33 insertions(+), 24 deletions(-)

diff --git a/src/bin/cargo/cli.rs b/src/bin/cargo/cli.rs
index c6b57910b03..3053854d4c7 100644
--- a/src/bin/cargo/cli.rs
+++ b/src/bin/cargo/cli.rs
@@ -149,7 +149,7 @@ Run with 'cargo -Z [FLAG] [COMMAND]'",
         }
     };
     config_configure(config, &expanded_args, subcommand_args, global_args)?;
-    super::init_git_transports(config);
+    super::init_git(config);
 
     execute_subcommand(config, cmd, subcommand_args)
 }
diff --git a/src/bin/cargo/main.rs b/src/bin/cargo/main.rs
index 70adebb9431..aaac0d12610 100644
--- a/src/bin/cargo/main.rs
+++ b/src/bin/cargo/main.rs
@@ -246,6 +246,38 @@ fn search_directories(config: &Config) -> Vec<PathBuf> {
     path_dirs
 }
 
+/// Initialize libgit2.
+fn init_git(config: &Config) {
+    // Disabling the owner validation in git can, in theory, lead to code execution
+    // vulnerabilities. However, libgit2 does not launch executables, which is the foundation of
+    // the original security issue. Meanwhile, issues with refusing to load git repos in
+    // `CARGO_HOME` for example will likely be very frustrating for users. So, we disable the
+    // validation.
+    //
+    // For further discussion of Cargo's current interactions with git, see
+    //
+    //   https://github.com/rust-lang/rfcs/pull/3279
+    //
+    // and in particular the subsection on "Git support".
+    //
+    // Note that we only disable this when Cargo is run as a binary. If Cargo is used as a library,
+    // this code won't be invoked. Instead, developers will need to explicitly disable the
+    // validation in their code. This is inconvenient, but won't accidentally open consuming
+    // applications up to security issues if they use git2 to open repositories elsewhere in their
+    // code.
+    unsafe {
+        git2::opts::set_verify_owner_validation(false)
+            .expect("set_verify_owner_validation should never fail");
+    }
+
+    init_git_transports(config);
+}
+
+/// Configure libgit2 to use libcurl if necessary.
+///
+/// If the user has a non-default network configuration, then libgit2 will be
+/// configured to use libcurl instead of the built-in networking support so
+/// that those configuration settings can be used.
 fn init_git_transports(config: &Config) {
     // Only use a custom transport if any HTTP options are specified,
     // such as proxies or custom certificate authorities. The custom
@@ -274,27 +306,4 @@ fn init_git_transports(config: &Config) {
     unsafe {
         git2_curl::register(handle);
     }
-
-    // Disabling the owner validation in git can, in theory, lead to code execution
-    // vulnerabilities. However, libgit2 does not launch executables, which is the foundation of
-    // the original security issue. Meanwhile, issues with refusing to load git repos in
-    // `CARGO_HOME` for example will likely be very frustrating for users. So, we disable the
-    // validation.
-    //
-    // For further discussion of Cargo's current interactions with git, see
-    //
-    //   https://github.com/rust-lang/rfcs/pull/3279
-    //
-    // and in particular the subsection on "Git support".
-    //
-    // Note that we only disable this when Cargo is run as a binary. If Cargo is used as a library,
-    // this code won't be invoked. Instead, developers will need to explicitly disable the
-    // validation in their code. This is inconvenient, but won't accidentally open consuming
-    // applications up to security issues if they use git2 to open repositories elsewhere in their
-    // code.
-    unsafe {
-        if git2::opts::set_verify_owner_validation(false).is_err() {
-            return;
-        }
-    }
 }

From e3daada15f9535c945054c4aa70ed0182e5269da Mon Sep 17 00:00:00 2001
From: bors <bors@rust-lang.org>
Date: Thu, 3 Nov 2022 19:18:42 +0000
Subject: [PATCH 2/3] Auto merge of #11332 - weihanglo:fix-semver-check,
 r=Muscraft

fix(semver-check): adapt to a different error for variant not covered
---
 src/doc/src/reference/semver.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/doc/src/reference/semver.md b/src/doc/src/reference/semver.md
index ee6962eafa5..29fce833774 100644
--- a/src/doc/src/reference/semver.md
+++ b/src/doc/src/reference/semver.md
@@ -391,7 +391,7 @@ pub enum E {
 fn main() {
     use updated_crate::E;
     let x = E::Variant1;
-    match x { // Error: `Variant2` not covered
+    match x { // Error: `E::Variant2` not covered
         E::Variant1 => {}
     }
 }

From 4d1d2b2ace6d33a82040b4fb40d9ee3396f99392 Mon Sep 17 00:00:00 2001
From: bors <bors@rust-lang.org>
Date: Fri, 4 Nov 2022 03:26:49 +0000
Subject: [PATCH 3/3] Auto merge of #11335 - ehuss:space-test, r=epage

Clean more aggressively in CI

The Windows x86_64 gnu CI job is running dangerously low on disk space. This PR adds another step to delete test output more aggressively. The test output with x86_64-pc-windows-gnu is nearly 9.5GB. The benchmark step is adding about 1GB of space (unfortunately it is rebuilding cargo, which may be hard to avoid without a workspace).

Eventually we should probably look at figuring out how to reduce the amount of disk space used by the testsuite. Perhaps something like #9701 (see comments there). Or, making aggressive changes to the tests themselves. Many tests can probably be changed to use `cargo check` instead of `cargo build` (or maybe even `cargo tree`). We can default to not generating debuginfo. Or perhaps there are other changes to put the tests on a diet.
---
 .github/workflows/main.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 21acb72ef86..cd08bebddd5 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -80,6 +80,13 @@ jobs:
 
     # Deny warnings on CI to avoid warnings getting into the codebase.
     - run: cargo test --features 'deny-warnings'
+    # The testsuite generates a huge amount of data, and fetch-smoke-test was
+    # running out of disk space.
+    - name: Clear test output
+      run: |
+        df -h
+        rm -rf target/tmp
+        df -h
     - name: Check operability of rustc invocation with argfile
       env:
         __CARGO_TEST_FORCE_ARGFILE: 1
@@ -111,7 +118,7 @@ jobs:
         cargo check --manifest-path benches/capture/Cargo.toml
     # The testsuite generates a huge amount of data, and fetch-smoke-test was
     # running out of disk space.
-    - name: Clear test output
+    - name: Clear benchmark output
       run: |
         df -h
         rm -rf target/tmp