Improvements
- RevWalk: Add an isMergedIntoAnyCommit() method
Performance Improvements
- Do not load bitmap indexes during directory scans
- Pack: separate an open/close accounting lock
- WindowCache: share removal work among multiple threads
- Optionally.Hard: avoid Optional creation on every use
- WindowCache: add bulk purge(), call from bulk sites
Bug Fixes
- jgit-140 Fix calculation of pack files and objects since bitmap
- Pack: fix threading bug getting idx
- Fix potential NPE in TreeWalk#getFilterCommandDefinition
- jgit-118 Advertise "agent" capability when using protocol v2
- FileSnapshot: silence "Stale file handle" exceptions
- FileSnapshot: silence "Not a Directory" exceptions
- Fix potential NPE in ResolveMerger#getAttributesContentMergeStrategy
- Fix NPE in DiffFormatter#getDiffDriver
- Pack: ensure packfile is still valid while still recoverable
Security fixes
The following changes fix CVE-2025-4949:
- ManifestParser: Do not accept DOCTYPE and entities to harden XML parser
- AmazonS3: Do not accept DOCTYPE and entities to harden XML parser
Kudos to Simon Gerst for reporting this vulnerability.
Build and Release Engineering
- Update target platform version in maven build to 4.32 (2024-06)
Release Date
Release Type
Service release (bug fixes only)