Sync with 2.45.3

* maint-2.45:
  Git 2.45.3
  Git 2.44.3
  Git 2.43.6
  Git 2.42.4
  Git 2.41.3
  Git 2.40.4
  credential: disallow Carriage Returns in the protocol by default
  credential: sanitize the user prompt
  credential_format(): also encode <host>[:<port>]
  t7300: work around platform-specific behaviour with long paths on MinGW
  compat/regex: fix argument order to calloc(3)
  mingw: drop bogus (and unneeded) declaration of `_pgmptr`
  ci: remove 'Upload failed tests' directories' step from linux32 jobs

diff --cc credential.c
index 4b1a2b94feff73d31d5682b44ce4bfd14f88594e,ef8477a7a6f541d89814eb059e62ae8783fd68fd..eb0d394c03ccc716bac9062e29086790f916336e
--- 1/credential.c
--- 2/credential.c
+++ b/credential.c
@@@ -367,39 -293,21 +380,39 @@@ static void credential_write_item(cons
        fprintf(fp, "%s=%s\n", key, value);
  }
  
 -void credential_write(const struct credential *c, FILE *fp)
 +void credential_write(const struct credential *c, FILE *fp,
 +                    enum credential_op_type op_type)
  {
-               credential_write_item(fp, "capability[]", "authtype", 0);
 +      if (credential_has_capability(&c->capa_authtype, op_type))
-               credential_write_item(fp, "capability[]", "state", 0);
++              credential_write_item(c, fp, "capability[]", "authtype", 0);
 +      if (credential_has_capability(&c->capa_state, op_type))
-               credential_write_item(fp, "authtype", c->authtype, 0);
-               credential_write_item(fp, "credential", c->credential, 0);
++              credential_write_item(c, fp, "capability[]", "state", 0);
 +
 +      if (credential_has_capability(&c->capa_authtype, op_type)) {
-                       credential_write_item(fp, "ephemeral", "1", 0);
++              credential_write_item(c, fp, "authtype", c->authtype, 0);
++              credential_write_item(c, fp, "credential", c->credential, 0);
 +              if (c->ephemeral)
-       credential_write_item(fp, "protocol", c->protocol, 1);
-       credential_write_item(fp, "host", c->host, 1);
-       credential_write_item(fp, "path", c->path, 0);
-       credential_write_item(fp, "username", c->username, 0);
-       credential_write_item(fp, "password", c->password, 0);
-       credential_write_item(fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
++                      credential_write_item(c, fp, "ephemeral", "1", 0);
 +      }
+       credential_write_item(c, fp, "protocol", c->protocol, 1);
+       credential_write_item(c, fp, "host", c->host, 1);
+       credential_write_item(c, fp, "path", c->path, 0);
+       credential_write_item(c, fp, "username", c->username, 0);
+       credential_write_item(c, fp, "password", c->password, 0);
+       credential_write_item(c, fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
        if (c->password_expiry_utc != TIME_MAX) {
                char *s = xstrfmt("%"PRItime, c->password_expiry_utc);
-               credential_write_item(fp, "password_expiry_utc", s, 0);
+               credential_write_item(c, fp, "password_expiry_utc", s, 0);
                free(s);
        }
        for (size_t i = 0; i < c->wwwauth_headers.nr; i++)
-               credential_write_item(fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
+               credential_write_item(c, fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
 +      if (credential_has_capability(&c->capa_state, op_type)) {
 +              if (c->multistage)
-                       credential_write_item(fp, "continue", "1", 0);
++                      credential_write_item(c, fp, "continue", "1", 0);
 +              for (size_t i = 0; i < c->state_headers_to_send.nr; i++)
-                       credential_write_item(fp, "state[]", c->state_headers_to_send.v[i], 0);
++                      credential_write_item(c, fp, "state[]", c->state_headers_to_send.v[i], 0);
 +      }
  }
  
  static int run_credential_helper(struct credential *c,

diff --cc credential.h
index 5f9e6ff2efef55fff8452fc6e50997a759a27118,3b848714124f0166ac308741746512eb5b4ca1db..63fef3e2ea2fe72559138bb7a455793bd0783e73
--- 1/credential.h
--- 2/credential.h
+++ b/credential.h
@@@ -163,19 -131,15 +163,21 @@@ struct credential 
        unsigned header_is_last_match:1;
  
        unsigned approved:1,
 +               ephemeral:1,
                 configured:1,
 +               multistage: 1,
                 quit:1,
                 use_http_path:1,
-                username_from_proto:1;
+                username_from_proto:1,
+                sanitize_prompt:1,
+                protect_protocol:1;
  
 +      struct credential_capability capa_authtype;
 +      struct credential_capability capa_state;
 +
        char *username;
        char *password;
 +      char *credential;
        char *protocol;
        char *host;
        char *path;
@@@ -193,8 -151,8 +195,10 @@@
        .helpers = STRING_LIST_INIT_DUP, \
        .password_expiry_utc = TIME_MAX, \
        .wwwauth_headers = STRVEC_INIT, \
 +      .state_headers = STRVEC_INIT, \
 +      .state_headers_to_send = STRVEC_INIT, \
+       .sanitize_prompt = 1, \
+       .protect_protocol = 1, \
  }
  
  /* Initialize a credential structure, setting all fields to empty. */

diff --cc strbuf.c
Simple merge

diff --cc strbuf.h
Simple merge

diff --cc t/t0300-credentials.sh
Simple merge

diff --cc t/t5550-http-fetch-dumb.sh
Simple merge

diff --cc t/t5551-http-fetch-smart.sh
Simple merge