RubyGems - git - Versions diffs - 4.1.1 → 4.1.2 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/.github/copilot-instructions.md +34 -6
data/.github/workflows/continuous_integration.yml +1 -1
data/.github/workflows/enforce_conventional_commits.yml +1 -0
data/.github/workflows/release.yml +1 -1
data/.release-please-manifest.json +1 -1
data/CHANGELOG.md +10 -0
data/CONTRIBUTING.md +22 -2
data/GOVERNANCE.md +43 -0
data/MAINTAINERS.md +3 -2
data/lib/git/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e74c843d872d01532fd6938f338d16cfa84a25a4c47287347edbea39e580488
-  data.tar.gz: d7db0f868a554c60fc39d5716096dbc7967d974afad249b7625266f00cb4c305
+  metadata.gz: 547a803a734580e23f5e1f6910f54c2437bcb165331d1d2d9048a2fb2ff1180f
+  data.tar.gz: 9532b6e51177204f789aab40b2d551d8886abf524f50f9366a60045f00e2cc7f
 SHA512:
-  metadata.gz: 41504a21ea74ab571a0db205b3654a69fd6e6a5af7917e9612c4dab8cbfc321c5babc44bdf62287e890146282fe64343c97fc5af49d0f9520b340db5f4f8f4a6
-  data.tar.gz: bccb9b41fd526b5b6c92870e05fcf967d9a235898988efd41aa4f2e3ed7a2e10a4d9e3fda1e8ee7a25d4870cea132d2ae7b50dbb72252e8bb9e292a98ccebf7e
+  metadata.gz: 31f1da3bc8b566f4990efd1651ed59202eabd424722693e0fae1b41ec194d4bbd2f7c613ed7552035b6ca42b6d501459b0d9d323bd188957ed5291675ff506de
+  data.tar.gz: eb4a424bdfbc1fcda445e880b8497ff714fe2c575591a5c48ee8c37f36e721f38474dd409c0af85fddbd98570a8ac7e5e5ba8c4e6c994fce46108e9f349f8137

data/.github/copilot-instructions.md CHANGED Viewed

@@ -2540,21 +2540,49 @@ automated releases based on conventional commits.
 **Branch Strategy:**
+This project maintains two active branches:
+- **`main`**: Active development for the next major version (v5.0.0+). May contain
+  breaking changes.
+- **`4.x`**: Maintenance branch for the v4.x release series. Bug fixes and
+  backward-compatible improvements only.
+**Important:** Never commit directly to `main` or `4.x`. All changes must be
+submitted via pull requests from feature branches. This ensures proper code review,
+CI validation, and maintains a clean commit history.
+**For new features and breaking changes (target `main`):**
 1. Ensure local main is up-to-date: `git fetch origin main`
 2. Create a new branch from origin/main: `git checkout -b feature/your-feature
    origin/main`
 3. Make your changes following TDD
 4. Ensure all tests pass and code quality checks pass
-5. Push the branch and create a PR
+5. Push the branch and create a PR targeting `main`
+**For bug fixes (target `main`, maintainers backport to `4.x` if applicable):**
+1. Ensure local main is up-to-date: `git fetch origin main`
+2. Create a new branch from origin/main: `git checkout -b fix/your-fix origin/main`
+3. Make your changes following TDD
+4. Push the branch and create a PR targeting `main`
+**For security fixes or 4.x-only changes (target `4.x`):**
+1. Ensure local 4.x is up-to-date: `git fetch origin 4.x`
+2. Create a new branch from origin/4.x: `git checkout -b fix/your-fix origin/4.x`
+3. Make your changes following TDD
+4. Push the branch and create a PR targeting `4.x`
 **When Submitting Existing Changes:**
-- Ensure changes are on a feature branch (not `main`), following the naming
+- Ensure changes are on a feature branch (not `main` or `4.x`), following the naming
   convention `<type>/<short-description>`
-- If changes are on the wrong branch, offer to create a new branch from
-  `origin/main` and relocate the user's existing work (commits or uncommitted
-  changes) onto that new branch, choosing an appropriate Git approach (for
-  example, cherry-pick, rebase, or recommitting) based on the situation
+- If changes are on the wrong branch, offer to create a new branch from the
+  appropriate base branch (`origin/main` or `origin/4.x`) and relocate the user's
+  existing work (commits or uncommitted changes) onto that new branch, choosing an
+  appropriate Git approach (for example, cherry-pick, rebase, or recommitting) based
+  on the situation
 **PR Creation Automation:**

data/.github/workflows/continuous_integration.yml CHANGED Viewed

@@ -2,7 +2,7 @@ name: CI
 on:
   pull_request:
-    branches: [main]
+    branches: [main, 4.x]
   workflow_dispatch:
 jobs:

data/.github/workflows/enforce_conventional_commits.yml CHANGED Viewed

@@ -8,6 +8,7 @@ on:
   pull_request:
     branches:
       - main
+      - 4.x
 jobs:
   commit-lint:

data/.github/workflows/release.yml CHANGED Viewed

@@ -11,7 +11,7 @@ description: |
 on:
   push:
-    branches: ["main"]
+    branches: ["main", "4.x"]
   workflow_dispatch:

data/.release-please-manifest.json CHANGED Viewed

@@ -1,3 +1,3 @@
 {
-  ".": "4.1.1"
+  ".": "4.1.2"
 }

data/CHANGELOG.md CHANGED Viewed

@@ -5,6 +5,16 @@
 # Change Log
+## [4.1.2](https://github.com/ruby-git/ruby-git/compare/v4.1.1...v4.1.2) (2026-01-10)
+### Other Changes
+* Add Continuity section to Governance ([a2f644c](https://github.com/ruby-git/ruby-git/commit/a2f644c0caa7b60137e0a1ef79eabaf880d18ac6))
+* Add Roberto Decurnex to Maintainers Emeritus ([5104537](https://github.com/ruby-git/ruby-git/commit/5104537e15c5d14357c353b08706973c2669ad31))
+* Enable releases from 4.x maintenance branch ([5377de6](https://github.com/ruby-git/ruby-git/commit/5377de602e6ecd947d3feadb3df49d6a63556f53))
+* Move inactive maintainers to Emeritus per governance policy ([f09e4d1](https://github.com/ruby-git/ruby-git/commit/f09e4d1e68cd5db6535ba737720eb495ea8422ec))
 ## [4.1.1](https://github.com/ruby-git/ruby-git/compare/v4.1.0...v4.1.1) (2026-01-09)

data/CONTRIBUTING.md CHANGED Viewed

@@ -12,6 +12,7 @@
   - [Commit your changes to a fork of `ruby-git`](#commit-your-changes-to-a-fork-of-ruby-git)
   - [Create a pull request](#create-a-pull-request)
   - [Get your pull request reviewed](#get-your-pull-request-reviewed)
+- [Branch strategy](#branch-strategy)
 - [AI-assisted contributions](#ai-assisted-contributions)
 - [Design philosophy](#design-philosophy)
   - [Direct mapping to git commands](#direct-mapping-to-git-commands)
@@ -97,13 +98,32 @@ Once your pull request is ready for review, request a review from at least one
 [maintainer](MAINTAINERS.md) and any other contributors you deem necessary.
 During the review process, you may need to make additional commits, which should be
-squashed. Additionally, you may need to rebase your branch to the latest `master`
-branch if other changes have been merged.
+squashed. Additionally, you will need to rebase your branch to the latest version of
+the target branch (e.g., `main` or `4.x`) before merging.
 At least one approval from a project maintainer is required before your pull request
 can be merged. The maintainer is responsible for ensuring that the pull request meets
 [the project's coding standards](#coding-standards).
+## Branch strategy
+This project maintains two active branches:
+- **`main`**: Active development for the next major version (v5.0.0+). This branch
+  may contain breaking changes.
+- **`4.x`**: Maintenance branch for the v4.x release series. This branch receives
+  bug fixes and backward-compatible improvements only.
+**Important:** Never commit directly to `main` or `4.x`. All changes must be
+submitted via pull requests from feature branches. This ensures proper code review,
+CI validation, and maintains a clean commit history.
+When submitting a pull request:
+- **New features and breaking changes**: Target the `main` branch
+- **Bug fixes**: Target `main`, and maintainers will backport to `4.x` if applicable
+- **Security fixes**: Target both branches or `4.x` if the issue only affects v4.x
 ## AI-assisted contributions
 AI-assisted contributions are welcome. Please review and apply our [AI Policy](AI_POLICY.md)

data/GOVERNANCE.md CHANGED Viewed

@@ -57,6 +57,49 @@ Decisions are usually made by consensus among the active maintainers. If consens
 cannot be reached, the decision is made by a majority vote. If a vote results in a
 tie, the Project Lead has the final say.
+## Continuity
+The project must be able to ship releases and respond to security issues even if
+individual maintainers become unavailable.
+### RubyGems Ownership
+RubyGems ownership (the ability to push new gem versions) is granted to a subset
+of active maintainers—typically the Project Lead and at least one other
+maintainer—to balance security with continuity. Not all maintainers require
+RubyGems access.
+RubyGems owners follow the same activity principles as other elevated access: if
+an owner becomes inactive, their ownership is paused alongside other permissions.
+### Minimum Thresholds
+To avoid single points of failure:
+- At least two active maintainers should have RubyGems ownership for the `git` gem.
+- At least two active maintainers should have GitHub org Owner or repo Admin
+  access.
+If thresholds drop below these levels, remaining maintainers should prioritize
+onboarding or re-activating someone to restore redundancy.
+### Access Audits
+Periodically (at least annually), maintainers review access across all systems:
+- GitHub organization membership and roles
+- GitHub repository admin/write permissions
+- RubyGems gem ownership
+- GitHub Actions release automation: PATs/OIDC tokens (e.g., `AUTO_RELEASE_TOKEN` scope),
+  environment protection rules/approvers for RubyGems deployments, and any OIDC
+  trust configuration
+The Project Lead (or a delegated maintainer) schedules and drives this review so
+continuity checks do not slip.
+Audits ensure access reflects current activity and that continuity thresholds are
+met.
 ## Code of Conduct
 All maintainers and contributors must adhere to the project's [Code of

data/MAINTAINERS.md CHANGED Viewed

@@ -11,14 +11,15 @@ See [GOVERNANCE.md](GOVERNANCE.md) for a definition of the Maintainer role.
 - [James Couball](https://github.com/jcouball) (Project Lead)
 - [Frank Throckmorton](https://github.com/frankthrock)
-- [Per Lundberg](https://github.com/perlun)
 ## Maintainers Emeritus (Alumni)
 **Maintainers Emeritus** are former maintainers who are no longer active. We honor
 their past contributions.
+- [Per Lundberg](https://github.com/perlun)
 - [Vern Burton](https://github.com/tarcinil)
 - [Daniel Perez](https://github.com/dpmex4527)
 - [Richard Vodden](https://github.com/rvodden)
-- [Scott Chacon](https://github.com/schacon)
+- [Roberto Decurnex](https://github.com/robertodecurnex)
+- [Scott Chacon](https://github.com/schacon) (original creator)

data/lib/git/version.rb CHANGED Viewed

@@ -3,5 +3,5 @@
 module Git
   # The current gem version
   # @return [String] the current gem version.
-  VERSION = '4.1.1'
+  VERSION = '4.1.2'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: git
 version: !ruby/object:Gem::Version
-  version: 4.1.1
+  version: 4.1.2
 platform: ruby
 authors:
 - Scott Chacon and others
@@ -308,8 +308,8 @@ licenses:
 metadata:
   homepage_uri: http://github.com/ruby-git/ruby-git
   source_code_uri: http://github.com/ruby-git/ruby-git
-  changelog_uri: https://rubydoc.info/gems/git/4.1.1/file/CHANGELOG.md
-  documentation_uri: https://rubydoc.info/gems/git/4.1.1
+  changelog_uri: https://rubydoc.info/gems/git/4.1.2/file/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/git/4.1.2
   rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:

git 4.1.1 → 4.1.2