Merge branch 'pks/docs-improvements'

8 files changed, 1772 insertions, 4 deletions

diff --git a/docs/changelog.md b/docs/changelog.md
new file mode 100644
index 000000000..057d39570
--- /dev/null
+++ b/docs/changelog.md
@@ -0,0 +1,1031 @@
+v0.27 + 1
+---------
+
+### Changes or improvements
+
+* The line-ending filtering logic - when checking out files - has been
+  updated to match newer git (>= git 2.9) for proper interoperability.
+
+* Submodules with names which attempt to perform path traversal now have their
+  configuration ignored. Such names were blindly appended to the
+  `$GIT_DIR/modules` and a malicious name could lead to an attacker writing to
+  an arbitrary location. This matches git's handling of CVE-2018-11235.
+
+### API additions
+
+* You can now swap out memory allocators via the
+  `GIT_OPT_SET_ALLOCATOR` option with `git_libgit2_opts()`.
+
+### API removals
+
+### Breaking API changes
+
+* The default checkout strategy changed from `DRY_RUN` to `SAFE` (#4531).
+
+* Adding a symlink as .gitmodules into the index from the workdir or checking
+  out such files is not allowed as this can make a Git implementation write
+  outside of the repository and bypass the fsck checks for CVE-2018-11235.
+
+v0.27
+---------
+
+### Changes or improvements
+
+* Improved `p_unlink` in `posix_w32.c` to try and make a file writable
+  before sleeping in the retry loop to prevent unnecessary calls to sleep.
+
+* The CMake build infrastructure has been improved to speed up building time.
+
+* A new CMake option "-DUSE_HTTPS=<backend>" makes it possible to explicitly
+  choose an HTTP backend.
+
+* A new CMake option "-DSHA1_BACKEND=<backend>" makes it possible to explicitly
+  choose an SHA1 backend. The collision-detecting backend is now the default.
+
+* A new CMake option "-DUSE_BUNDLED_ZLIB" makes it possible to explicitly use
+  the bundled zlib library.
+
+* A new CMake option "-DENABLE_REPRODUCIBLE_BUILDS" makes it possible to
+  generate a reproducible static archive. This requires support from your
+  toolchain.
+
+* The minimum required CMake version has been bumped to 2.8.11.
+
+* Writing to a configuration file now preserves the case of the key given by the
+  caller for the case-insensitive portions of the key (existing sections are
+  used even if they don't match).
+
+* We now support conditional includes in configuration files.
+
+* Fix for handling re-reading of configuration files with includes.
+
+* Fix for reading patches which contain exact renames only.
+
+* Fix for reading patches with whitespace in the compared files' paths.
+
+* We will now fill `FETCH_HEAD` from all passed refspecs instead of overwriting
+  with the last one.
+
+* There is a new diff option, `GIT_DIFF_INDENT_HEURISTIC` which activates a
+  heuristic which takes into account whitespace and indentation in order to
+  produce better diffs when dealing with ambiguous diff hunks.
+
+* Fix for pattern-based ignore rules where files ignored by a rule cannot be
+  un-ignored by another rule.
+
+* Sockets opened by libgit2 are now being closed on exec(3) if the platform
+  supports it.
+
+* Fix for peeling annotated tags from packed-refs files.
+
+* Fix reading huge loose objects from the object database.
+
+* Fix files not being treated as modified when only the file mode has changed.
+
+* We now explicitly reject adding submodules to the index via
+  `git_index_add_frombuffer`.
+
+* Fix handling of `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` raising `SIGABRT` when
+  one file has been deleted and another file has been rewritten.
+
+* Fix for WinHTTP not properly handling NTLM and Negotiate challenges.
+
+* When using SSH-based transports, we now repeatedly ask for the passphrase to
+  decrypt the private key in case a wrong passphrase is being provided.
+
+* When generating conflict markers, they will now use the same line endings as
+  the rest of the file.
+
+### API additions
+
+* The `git_merge_file_options` structure now contains a new setting,
+  `marker_size`.  This allows users to set the size of markers that
+  delineate the sides of merged files in the output conflict file.
+  By default this is 7 (`GIT_MERGE_CONFLICT_MARKER_SIZE`), which
+  produces output markers like `<<<<<<<` and `>>>>>>>`.
+
+* `git_remote_create_detached()` creates a remote that is not associated
+  to any repository (and does not apply configuration like 'insteadof' rules).
+  This is mostly useful for e.g. emulating `git ls-remote` behavior.
+
+* `git_diff_patchid()` lets you generate patch IDs for diffs.
+
+* `git_status_options` now has an additional field `baseline` to allow creating
+  status lists against different trees.
+
+* New family of functions to allow creating notes for a specific notes commit
+  instead of for a notes reference.
+
+* New family of functions to allow parsing message trailers. This API is still
+  experimental and may change in future releases.
+
+### API removals
+
+### Breaking API changes
+
+* Signatures now distinguish between +0000 and -0000 UTC offsets.
+
+* The certificate check callback in the WinHTTP transport will now receive the
+  `message_cb_payload` instead of the `cred_acquire_payload`.
+
+* We are now reading symlinked directories under .git/refs.
+
+* We now refuse creating branches named "HEAD".
+
+* We now refuse reading and writing all-zero object IDs into the
+  object database.
+
+* We now read the effective user's configuration file instead of the real user's
+  configuration in case libgit2 runs as part of a setuid binary.
+
+* The `git_odb_open_rstream` function and its `readstream` callback in the
+  `git_odb_backend` interface have changed their signatures to allow providing
+  the object's size and type to the caller.
+
+v0.26
+-----
+
+### Changes or improvements
+
+* Support for opening, creating and modifying worktrees.
+
+* We can now detect SHA1 collisions resulting from the SHAttered attack. These
+  checks can be enabled at build time via `-DUSE_SHA1DC`.
+
+* Fix for missing implementation of `git_merge_driver_source` getters.
+
+* Fix for installed pkg-config file being broken when the prefix contains
+  spaces.
+
+* We now detect when the hashsum of on-disk objects does not match their
+  expected hashsum.
+
+* We now support open-ended ranges (e.g. "master..", "...master") in our
+  revision range parsing code.
+
+* We now correctly compute ignores with leading "/" in subdirectories.
+
+* We now optionally call `fsync` on loose objects, packfiles and their indexes,
+  loose references and packed reference files.
+
+* We can now build against OpenSSL v1.1 and against LibreSSL.
+
+* `GIT_MERGE_OPTIONS_INIT` now includes a setting to perform rename detection.
+  This aligns this structure with the default by `git_merge` and
+  `git_merge_trees` when `NULL` was provided for the options.
+
+* Improvements for reading index v4 files.
+
+* Perform additional retries for filesystem operations on Windows when files
+  are temporarily locked by other processes.
+
+### API additions
+
+* New family of functions to handle worktrees:
+
+    * `git_worktree_list()` lets you look up worktrees for a repository.
+    * `git_worktree_lookup()` lets you get a specific worktree.
+    * `git_worktree_open_from_repository()` lets you get the associated worktree
+      of a repository.
+      a worktree.
+    * `git_worktree_add` lets you create new worktrees.
+    * `git_worktree_prune` lets you remove worktrees from disk.
+    * `git_worktree_lock()` and `git_worktree_unlock()` let you lock
+      respectively unlock a worktree.
+    * `git_repository_open_from_worktree()` lets you open a repository via
+    * `git_repository_head_for_worktree()` lets you get the current `HEAD` for a
+      linked worktree.
+    * `git_repository_head_detached_for_worktree()` lets you check whether a
+      linked worktree is in detached HEAD mode.
+
+* `git_repository_item_path()` lets you retrieve paths for various repository
+  files.
+
+* `git_repository_commondir()` lets you retrieve the common directory of a
+  repository.
+
+* `git_branch_is_checked_out()` allows you to check whether a branch is checked
+  out in a repository or any of its worktrees.
+
+* `git_repository_submodule_cache_all()` and
+  `git_repository_submodule_cache_clear()` functions allow you to prime or clear
+  the submodule cache of a repository.
+
+* You can disable strict hash verifications via the
+  `GIT_OPT_ENABLE_STRICT_HASH_VERIFICATION` option with `git_libgit2_opts()`.
+
+* You can enable us calling `fsync` for various files inside the ".git"
+  directory by setting the `GIT_OPT_ENABLE_FSYNC_GITDIR` option with
+  `git_libgit2_opts()`.
+
+* You can now enable "offset deltas" when creating packfiles and negotiating
+  packfiles with a remote server by setting `GIT_OPT_ENABLE_OFS_DELTA` option
+  with `GIT_libgit2_opts()`.
+
+* You can now set the default share mode on Windows for opening files using
+  `GIT_OPT_SET_WINDOWS_SHAREMODE` option with `git_libgit2_opts()`.
+  You can query the current share mode with `GIT_OPT_GET_WINDOWS_SHAREMODE`.
+
+* `git_transport_smart_proxy_options()' enables you to get the proxy options for
+  smart transports.
+
+* The `GIT_FILTER_INIT` macro and the `git_filter_init` function are provided
+  to initialize a `git_filter` structure.
+
+### Breaking API changes
+
+* `clone_checkout_strategy` has been removed from
+  `git_submodule_update_option`. The checkout strategy used to clone will
+  be the same strategy specified in `checkout_opts`.
+
+v0.25
+-------
+
+### Changes or improvements
+
+* Fix repository discovery with `git_repository_discover` and
+  `git_repository_open_ext` to match git's handling of a ceiling
+  directory at the current directory. git only checks ceiling
+  directories when its search ascends to a parent directory.  A ceiling
+  directory matching the starting directory will not prevent git from
+  finding a repository in the starting directory or a parent directory.
+
+* Do not fail when deleting remotes in the presence of broken
+  global configs which contain branches.
+
+* Support for reading and writing git index v4 files
+
+* Improve the performance of the revwalk and bring us closer to git's code.
+
+* The reference db has improved support for concurrency and returns `GIT_ELOCKED`
+  when an operation could not be performed due to locking.
+
+* Nanosecond resolution is now activated by default, following git's change to
+  do this.
+
+* We now restrict the set of ciphers we let OpenSSL use by default.
+
+* Users can now register their own merge drivers for use with `.gitattributes`.
+  The library also gained built-in support for the union merge driver.
+
+* The default for creating references is now to validate that the object does
+  exist.
+
+* Add `git_proxy_options` which is used by the different networking
+  implementations to let the caller specify the proxy settings instead of
+  relying on the environment variables.
+
+### API additions
+
+* You can now get the user-agent used by libgit2 using the
+  `GIT_OPT_GET_USER_AGENT` option with `git_libgit2_opts()`.
+  It is the counterpart to `GIT_OPT_SET_USER_AGENT`.
+
+* The `GIT_OPT_SET_SSL_CIPHERS` option for `git_libgit2_opts()` lets you specify
+  a custom list of ciphers to use for OpenSSL.
+
+* `git_commit_create_buffer()` creates a commit and writes it into a
+  user-provided buffer instead of writing it into the object db. Combine it with
+  `git_commit_create_with_signature()` in order to create a commit with a
+  cryptographic signature.
+
+* `git_blob_create_fromstream()` and
+  `git_blob_create_fromstream_commit()` allow you to create a blob by
+  writing into a stream. Useful when you do not know the final size or
+  want to copy the contents from another stream.
+
+* New flags for `git_repository_open_ext`:
+
+    * `GIT_REPOSITORY_OPEN_NO_DOTGIT` - Do not check for a repository by
+      appending `/.git` to the `start_path`; only open the repository if
+      `start_path` itself points to the git directory.
+    * `GIT_REPOSITORY_OPEN_FROM_ENV` - Find and open a git repository,
+      respecting the environment variables used by the git command-line
+      tools. If set, `git_repository_open_ext` will ignore the other
+      flags and the `ceiling_dirs` argument, and will allow a NULL
+      `path` to use `GIT_DIR` or search from the current directory. The
+      search for a repository will respect `$GIT_CEILING_DIRECTORIES`
+      and `$GIT_DISCOVERY_ACROSS_FILESYSTEM`.  The opened repository
+      will respect `$GIT_INDEX_FILE`, `$GIT_NAMESPACE`,
+      `$GIT_OBJECT_DIRECTORY`, and `$GIT_ALTERNATE_OBJECT_DIRECTORIES`.
+      In the future, this flag will also cause `git_repository_open_ext`
+      to respect `$GIT_WORK_TREE` and `$GIT_COMMON_DIR`; currently,
+      `git_repository_open_ext` with this flag will error out if either
+      `$GIT_WORK_TREE` or `$GIT_COMMON_DIR` is set.
+
+* `git_diff_from_buffer()` can create a `git_diff` object from the contents
+  of a git-style patch file.
+
+* `git_index_version()` and `git_index_set_version()` to get and set
+  the index version
+
+* `git_odb_expand_ids()` lets you check for the existence of multiple
+  objects at once.
+
+* The new `git_blob_dup()`, `git_commit_dup()`, `git_tag_dup()` and
+  `git_tree_dup()` functions provide type-specific wrappers for
+  `git_object_dup()` to reduce noise and increase type safety for callers.
+
+* `git_reference_dup()` lets you duplicate a reference to aid in ownership
+  management and cleanup.
+
+* `git_signature_from_buffer()` lets you create a signature from a string in the
+  format that appear in objects.
+
+* `git_tree_create_updated()` lets you create a tree based on another one
+  together with a list of updates. For the covered update cases, it's more
+  efficient than the `git_index` route.
+
+* `git_apply_patch()` applies hunks from a `git_patch` to a buffer.
+
+* `git_diff_to_buf()` lets you print an entire diff directory to a buffer,
+  similar to how `git_patch_to_buf()` works.
+
+* `git_proxy_init_options()` is added to initialize a `git_proxy_options`
+  structure at run-time.
+
+* `git_merge_driver_register()`, `git_merge_driver_unregister()` let you
+  register and unregister a custom merge driver to be used when `.gitattributes`
+  specifies it.
+
+* `git_merge_driver_lookup()` can be used to look up a merge driver by name.
+
+* `git_merge_driver_source_repo()`, `git_merge_driver_source_ancestor()`,
+  `git_merge_driver_source_ours()`, `git_merge_driver_source_theirs()`,
+  `git_merge_driver_source_file_options()` added as accessors to
+  `git_merge_driver_source`.
+
+### API removals
+
+* `git_blob_create_fromchunks()` has been removed in favour of
+  `git_blob_create_fromstream()`.
+
+### Breaking API changes
+
+* `git_packbuilder_object_count` and `git_packbuilder_written` now
+  return a `size_t` instead of a `uint32_t` for more thorough
+  compatibility with the rest of the library.
+
+* `git_packbuiler_progress` now provides explicitly sized `uint32_t`
+  values instead of `unsigned int`.
+
+* `git_diff_file` now includes an `id_abbrev` field that reflects the
+  number of nibbles set in the `id` field.
+
+* `git_odb_backend` now has a `freshen` function pointer.  This optional
+  function pointer is similar to the `exists` function, but it will update
+  a last-used marker.  For filesystem-based object databases, this updates
+  the timestamp of the file containing the object, to indicate "freshness".
+  If this is `NULL`, then it will not be called and the `exists` function
+  will be used instead.
+
+* `git_remote_connect()` now accepts `git_proxy_options` argument, and
+  `git_fetch_options` and `git_push_options` each have a `proxy_opts` field.
+
+* `git_merge_options` now provides a `default_driver` that can be used
+  to provide the name of a merge driver to be used to handle files changed
+  during a merge.
+
+v0.24
+-------
+
+### Changes or improvements
+
+* Custom merge drivers can now be registered, which allows callers to
+  configure callbacks to honor `merge=driver` configuration in
+  `.gitattributes`.
+
+* Custom filters can now be registered with wildcard attributes, for
+  example `filter=*`.  Consumers should examine the attributes parameter
+  of the `check` function for details.
+
+* Symlinks are now followed when locking a file, which can be
+  necessary when multiple worktrees share a base repository.
+
+* You can now set your own user-agent to be sent for HTTP requests by
+  using the `GIT_OPT_SET_USER_AGENT` with `git_libgit2_opts()`.
+
+* You can set custom HTTP header fields to be sent along with requests
+  by passing them in the fetch and push options.
+
+* Tree objects are now assumed to be sorted. If a tree is not
+  correctly formed, it will give bad results. This is the git approach
+  and cuts a significant amount of time when reading the trees.
+
+* Filter registration is now protected against concurrent
+  registration.
+
+* Filenames which are not valid on Windows in an index no longer cause
+  to fail to parse it on that OS.
+
+* Rebases can now be performed purely in-memory, without touching the
+  repository's workdir.
+
+* When adding objects to the index, or when creating new tree or commit
+  objects, the inputs are validated to ensure that the dependent objects
+  exist and are of the correct type.  This object validation can be
+  disabled with the GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option.
+
+* The WinHTTP transport's handling of bad credentials now behaves like
+  the others, asking for credentials again.
+
+### API additions
+
+* `git_config_lock()` has been added, which allow for
+  transactional/atomic complex updates to the configuration, removing
+  the opportunity for concurrent operations and not committing any
+  changes until the unlock.
+
+* `git_diff_options` added a new callback `progress_cb` to report on the
+  progress of the diff as files are being compared. The documentation of
+  the existing callback `notify_cb` was updated to reflect that it only
+  gets called when new deltas are added to the diff.
+
+* `git_fetch_options` and `git_push_options` have gained a `custom_headers`
+  field to set the extra HTTP header fields to send.
+
+* `git_stream_register_tls()` lets you register a callback to be used
+  as the constructor for a TLS stream instead of the libgit2 built-in
+  one.
+
+* `git_commit_header_field()` allows you to look up a specific header
+  field in a commit.
+
+* `git_commit_extract_signature()` extracts the signature from a
+  commit and gives you both the signature and the signed data so you
+  can verify it.
+
+### API removals
+
+* No APIs were removed in this version.
+
+### Breaking API changes
+
+* The `git_merge_tree_flag_t` is now `git_merge_flag_t`.  Subsequently,
+  its members are no longer prefixed with `GIT_MERGE_TREE_FLAG` but are
+  now prefixed with `GIT_MERGE_FLAG`, and the `tree_flags` field of the
+  `git_merge_options` structure is now named `flags`.
+
+* The `git_merge_file_flags_t` enum is now `git_merge_file_flag_t` for
+  consistency with other enum type names.
+
+* `git_cert` descendent types now have a proper `parent` member
+
+* It is the responsibility of the refdb backend to decide what to do
+  with the reflog on ref deletion. The file-based backend must delete
+  it, a database-backed one may wish to archive it.
+
+* `git_config_backend` has gained two entries. `lock` and `unlock`
+  with which to implement the transactional/atomic semantics for the
+  configuration backend.
+
+* `git_index_add` and `git_index_conflict_add()` will now use the case
+  as provided by the caller on case insensitive systems.  Previous
+  versions would keep the case as it existed in the index.  This does
+  not affect the higher-level `git_index_add_bypath` or
+  `git_index_add_frombuffer` functions.
+
+* The `notify_payload` field of `git_diff_options` was renamed to `payload`
+  to reflect that it's also the payload for the new progress callback.
+
+* The `git_config_level_t` enum has gained a higher-priority value
+  `GIT_CONFIG_LEVEL_PROGRAMDATA` which represent a rough Windows equivalent
+  to the system level configuration.
+
+* `git_rebase_options` now has a `merge_options` field.
+
+* The index no longer performs locking itself. This is not something
+  users of the library should have been relying on as it's not part of
+  the concurrency guarantees.
+
+* `git_remote_connect()` now takes a `custom_headers` argument to set
+  the extra HTTP header fields to send.
+
+v0.23
+------
+
+### Changes or improvements
+
+* Patience and minimal diff drivers can now be used for merges.
+
+* Merges can now ignore whitespace changes.
+
+* Updated binary identification in CRLF filtering to avoid false positives in
+  UTF-8 files.
+
+* Rename and copy detection is enabled for small files.
+
+* Checkout can now handle an initial checkout of a repository, making
+  `GIT_CHECKOUT_SAFE_CREATE` unnecessary for users of clone.
+
+* The signature parameter in the ref-modifying functions has been
+  removed. Use `git_repository_set_ident()` and
+  `git_repository_ident()` to override the signature to be used.
+
+* The local transport now auto-scales the number of threads to use
+  when creating the packfile instead of sticking to one.
+
+* Reference renaming now uses the right id for the old value.
+
+* The annotated version of branch creation, HEAD detaching and reset
+  allow for specifying the expression from the user to be put into the
+  reflog.
+
+* `git_rebase_commit` now returns `GIT_EUNMERGED` when you attempt to
+  commit with unstaged changes.
+
+* On Mac OS X, we now use SecureTransport to provide the cryptographic
+  support for HTTPS connections insead of OpenSSL.
+
+* Checkout can now accept an index for the baseline computations via the
+  `baseline_index` member.
+
+* The configuration for fetching is no longer stored inside the
+  `git_remote` struct but has been moved to a `git_fetch_options`. The
+  remote functions now take these options or the callbacks instead of
+  setting them beforehand.
+
+* `git_submodule` instances are no longer cached or shared across
+  lookup. Each submodule represents the configuration at the time of
+  loading.
+
+* The index now uses diffs for `add_all()` and `update_all()` which
+  gives it a speed boost and closer semantics to git.
+
+* The ssh transport now reports the stderr output from the server as
+  the error message, which allows you to get the "repository not
+  found" messages.
+
+* `git_index_conflict_add()` will remove staged entries that exist for
+  conflicted paths.
+
+* The flags for a `git_diff_file` will now have the `GIT_DIFF_FLAG_EXISTS`
+  bit set when a file exists on that side of the diff.  This is useful
+  for understanding whether a side of the diff exists in the presence of
+  a conflict.
+
+* The constructor for a write-stream into the odb now takes
+  `git_off_t` instead of `size_t` for the size of the blob, which
+  allows putting large files into the odb on 32-bit systems.
+
+* The remote's push and pull URLs now honor the url.$URL.insteadOf
+  configuration. This allows modifying URL prefixes to a custom
+  value via gitconfig.
+
+* `git_diff_foreach`, `git_diff_blobs`, `git_diff_blob_to_buffer`,
+  and `git_diff_buffers` now accept a new binary callback of type
+  `git_diff_binary_cb` that includes the binary diff information.
+
+* The race condition mitigations described in `racy-git.txt` have been
+  implemented.
+
+* If libcurl is installed, we will use it to connect to HTTP(S)
+  servers.
+
+### API additions
+
+* The `git_merge_options` gained a `file_flags` member.
+
+* Parsing and retrieving a configuration value as a path is exposed
+  via `git_config_parse_path()` and `git_config_get_path()`
+  respectively.
+
+* `git_repository_set_ident()` and `git_repository_ident()` serve to
+  set and query which identity will be used when writing to the
+  reflog.
+
+* `git_config_entry_free()` frees a config entry.
+
+* `git_config_get_string_buf()` provides a way to safely retrieve a
+  string from a non-snapshot configuration.
+
+* `git_annotated_commit_from_revspec()` allows to get an annotated
+  commit from an extended sha synatx string.
+
+* `git_repository_set_head_detached_from_annotated()`,
+  `git_branch_create_from_annotated()` and
+  `git_reset_from_annotated()` allow for the caller to provide an
+  annotated commit through which they can control what expression is
+  put into the reflog as the source/target.
+
+* `git_index_add_frombuffer()` can now create a blob from memory
+  buffer and add it to the index which is attached to a repository.
+
+* The structure `git_fetch_options` has been added to determine the
+  runtime configuration for fetching, such as callbacks, pruning and
+  autotag behaviour. It has the runtime initializer
+  `git_fetch_init_options()`.
+
+* The enum `git_fetch_prune_t` has been added, letting you specify the
+  pruning behaviour for a fetch.
+
+* A push operation will notify the caller of what updates it indends
+  to perform on the remote, which provides similar information to
+  git's pre-push hook.
+
+* `git_stash_apply()` can now apply a stashed state from the stash list,
+  placing the data into the working directory and index.
+
+* `git_stash_pop()` will apply a stashed state (like `git_stash_apply()`)
+  but will remove the stashed state after a successful application.
+
+* A new error code `GIT_EEOF` indicates an early EOF from the
+  server. This typically indicates an error with the URL or
+  configuration of the server, and tools can use this to show messages
+  about failing to communicate with the server.
+
+* A new error code `GIT_EINVALID` indicates that an argument to a
+  function is invalid, or an invalid operation was requested.
+
+* `git_diff_index_to_workdir()` and `git_diff_tree_to_index()` will now
+  produce deltas of type `GIT_DELTA_CONFLICTED` to indicate that the index
+  side of the delta is a conflict.
+
+* The `git_status` family of functions will now produce status of type
+  `GIT_STATUS_CONFLICTED` to indicate that a conflict exists for that file
+  in the index.
+
+* `git_index_entry_is_conflict()` is a utility function to determine if
+  a given index entry has a non-zero stage entry, indicating that it is
+  one side of a conflict.
+
+* It is now possible to pass a keypair via a buffer instead of a
+  path. For this, `GIT_CREDTYPE_SSH_MEMORY` and
+  `git_cred_ssh_key_memory_new()` have been added.
+
+* `git_filter_list_contains` will indicate whether a particular
+  filter will be run in the given filter list.
+
+* `git_commit_header_field()` has been added, which allows retrieving
+  the contents of an arbitrary header field.
+
+* `git_submodule_set_branch()` allows to set the configured branch for
+  a submodule.
+
+### API removals
+
+* `git_remote_save()` and `git_remote_clear_refspecs()` have been
+  removed. Remote's configuration is changed via the configuration
+  directly or through a convenience function which performs changes to
+  the configuration directly.
+
+* `git_remote_set_callbacks()`, `git_remote_get_callbacks()` and
+  `git_remote_set_transport()` have been removed and the remote no
+  longer stores this configuration.
+
+* `git_remote_set_fetch_refpecs()` and
+  `git_remote_set_push_refspecs()` have been removed. There is no
+  longer a way to set the base refspecs at run-time.
+
+* `git_submodule_save()` has been removed. The submodules are no
+  longer configured via the objects.
+
+* `git_submodule_reload_all()` has been removed as we no longer cache
+  submodules.
+
+### Breaking API changes
+
+* `git_smart_subtransport_cb` now has a `param` parameter.
+
+* The `git_merge_options` structure member `flags` has been renamed
+  to `tree_flags`.
+
+* The `git_merge_file_options` structure member `flags` is now
+  an unsigned int. It was previously a `git_merge_file_flags_t`.
+
+* `GIT_CHECKOUT_SAFE_CREATE` has been removed.  Most users will generally
+  be able to switch to `GIT_CHECKOUT_SAFE`, but if you require missing
+  file handling during checkout, you may now use `GIT_CHECKOUT_SAFE |
+  GIT_CHECKOUT_RECREATE_MISSING`.
+
+* The `git_clone_options` and `git_submodule_update_options`
+  structures no longer have a `signature` field.
+
+* The following functions have removed the signature and/or log message
+  parameters in favour of git-emulating ones.
+
+    * `git_branch_create()`, `git_branch_move()`
+    * `git_rebase_init()`, `git_rebase_abort()`
+    * `git_reference_symbolic_create_matching()`,
+      `git_reference_symbolic_create()`, `git_reference_create()`,
+      `git_reference_create_matching()`,
+      `git_reference_symbolic_set_target()`,
+      `git_reference_set_target()`, `git_reference_rename()`
+    * `git_remote_update_tips()`, `git_remote_fetch()`, `git_remote_push()`
+    * `git_repository_set_head()`,
+      `git_repository_set_head_detached()`,
+      `git_repository_detach_head()`
+    * `git_reset()`
+
+* `git_config_get_entry()` now gives back a ref-counted
+  `git_config_entry`. You must free it when you no longer need it.
+
+* `git_config_get_string()` will return an error if used on a
+  non-snapshot configuration, as there can be no guarantee that the
+  returned pointer is valid.
+
+* `git_note_default_ref()` now uses a `git_buf` to return the string,
+  as the string is otherwise not guaranteed to stay allocated.
+
+* `git_rebase_operation_current()` will return `GIT_REBASE_NO_OPERATION`
+  if it is called immediately after creating a rebase session but before
+  you have applied the first patch.
+
+* `git_rebase_options` now contains a `git_checkout_options` struct
+  that will be used for functions that modify the working directory,
+  namely `git_rebase_init`, `git_rebase_next` and
+  `git_rebase_abort`.  As a result, `git_rebase_open` now also takes
+  a `git_rebase_options` and only the `git_rebase_init` and
+  `git_rebase_open` functions take a `git_rebase_options`, where they
+  will persist the options to subsequent `git_rebase` calls.
+
+* The `git_clone_options` struct now has fetch options in a
+  `fetch_opts` field instead of remote callbacks in
+  `remote_callbacks`.
+
+* The remote callbacks has gained a new member `push_negotiation`
+  which gets called before sending the update commands to the server.
+
+* The following functions no longer act on a remote instance but
+  change the repository's configuration. Their signatures have changed
+  accordingly:
+
+    * `git_remote_set_url()`, `git_remote_seturl()`
+    * `git_remote_add_fetch()`, `git_remote_add_push()` and
+    * `git_remote_set_autotag()`
+
+* `git_remote_connect()` and `git_remote_prune()` now take a pointer
+  to the callbacks.
+
+* `git_remote_fetch()` and `git_remote_download()` now take a pointer
+  to fetch options which determine the runtime configuration.
+
+* The `git_remote_autotag_option_t` values have been changed. It has
+  gained a `_UNSPECIFIED` default value to specify no override for the
+  configured setting.
+
+* `git_remote_update_tips()` now takes a pointer to the callbacks as
+  well as a boolean whether to write `FETCH_HEAD` and the autotag
+  setting.
+
+* `git_remote_create_anonymous()` no longer takes a fetch refspec as
+  url-only remotes cannot have configured refspecs.
+
+* The `git_submodule_update_options` struct now has fetch options in
+  the `fetch_opts` field instead of callbacks in the
+  `remote_callbacks` field.
+
+* The following functions no longer act on a submodule instance but
+  change the repository's configuration. Their signatures have changed
+  accordingly:
+
+    * `git_submodule_set_url()`, `git_submodule_set_ignore()`,
+      `git_submodule_set_update()`,
+      `git_submodule_set_fetch_recurse_submodules()`.
+
+* `git_submodule_status()` no longer takes a submodule instance but a
+  repsitory, a submodule name and an ignore setting.
+
+* The `push` function in the `git_transport` interface now takes a
+  pointer to the remote callbacks.
+
+* The `git_index_entry` struct's fields' types have been changed to
+  more accurately reflect what is in fact stored in the
+  index. Specifically, time and file size are 32 bits intead of 64, as
+  these values are truncated.
+
+* `GIT_EMERGECONFLICT` is now `GIT_ECONFLICT`, which more accurately
+  describes the nature of the error.
+
+* It is no longer allowed to call `git_buf_grow()` on buffers
+  borrowing the memory they point to.
+
+v0.22
+------
+
+### Changes or improvements
+
+* `git_signature_new()` now requires a non-empty email address.
+
+* Use CommonCrypto libraries for SHA-1 calculation on Mac OS X.
+
+* Disable SSL compression and SSLv2 and SSLv3 ciphers in favor of TLSv1
+  in OpenSSL.
+
+* The fetch behavior of remotes with autotag set to `GIT_REMOTE_DOWNLOAD_TAGS_ALL`
+  has been changed to match git 1.9.0 and later. In this mode, libgit2 now
+  fetches all tags in addition to whatever else needs to be fetched.
+
+* `git_checkout()` now handles case-changing renames correctly on
+  case-insensitive filesystems; for example renaming "readme" to "README".
+
+* The search for libssh2 is now done via pkg-config instead of a
+  custom search of a few directories.
+
+* Add support for core.protectHFS and core.protectNTFS. Add more
+  validation for filenames which we write such as references.
+
+* The local transport now generates textual progress output like
+  git-upload-pack does ("counting objects").
+
+* `git_checkout_index()` can now check out an in-memory index that is not
+  necessarily the repository's index, so you may check out an index
+  that was produced by git_merge and friends while retaining the cached
+  information.
+
+* Remove the default timeout for receiving / sending data over HTTP using
+  the WinHTTP transport layer.
+
+* Add SPNEGO (Kerberos) authentication using GSSAPI on Unix systems.
+
+* Provide built-in objects for the empty blob (e69de29) and empty
+  tree (4b825dc) objects.
+
+* The index' tree cache is now filled upon read-tree and write-tree
+  and the cache is written to disk.
+
+* LF -> CRLF filter refuses to handle mixed-EOL files
+
+* LF -> CRLF filter now runs when * text = auto (with Git for Windows 1.9.4)
+
+* File unlocks are atomic again via rename. Read-only files on Windows are
+  made read-write if necessary.
+
+* Share open packfiles across repositories to share descriptors and mmaps.
+
+* Use a map for the treebuilder, making insertion O(1)
+
+* The build system now accepts an option EMBED_SSH_PATH which when set
+  tells it to include a copy of libssh2 at the given location. This is
+  enabled for MSVC.
+
+* Add support for refspecs with the asterisk in the middle of a
+  pattern.
+
+* Fetching now performs opportunistic updates. To achieve this, we
+  introduce a difference between active and passive refspecs, which
+  make `git_remote_download()` and `git_remote_fetch()` to take a list of
+  resfpecs to be the active list, similarly to how git fetch accepts a
+  list on the command-line.
+
+* The THREADSAFE option to build libgit2 with threading support has
+  been flipped to be on by default.
+
+* The remote object has learnt to prune remote-tracking branches. If
+  the remote is configured to do so, this will happen via
+  `git_remote_fetch()`. You can also call `git_remote_prune()` after
+  connecting or fetching to perform the prune.
+
+
+### API additions
+
+* Introduce `git_buf_text_is_binary()` and `git_buf_text_contains_nul()` for
+  consumers to perform binary detection on a git_buf.
+
+* `git_branch_upstream_remote()` has been introduced to provide the
+  branch.<name>.remote configuration value.
+
+* Introduce `git_describe_commit()` and `git_describe_workdir()` to provide
+  a description of the current commit (and working tree, respectively)
+  based on the nearest tag or reference
+
+* Introduce `git_merge_bases()` and the `git_oidarray` type to expose all
+  merge bases between two commits.
+
+* Introduce `git_merge_bases_many()` to expose all merge bases between
+  multiple commits.
+
+* Introduce rebase functionality (using the merge algorithm only).
+  Introduce `git_rebase_init()` to begin a new rebase session,
+  `git_rebase_open()` to open an in-progress rebase session,
+  `git_rebase_commit()` to commit the current rebase operation,
+  `git_rebase_next()` to apply the next rebase operation,
+  `git_rebase_abort()` to abort an in-progress rebase and `git_rebase_finish()`
+  to complete a rebase operation.
+
+* Introduce `git_note_author()` and `git_note_committer()` to get the author
+  and committer information on a `git_note`, respectively.
+
+* A factory function for ssh has been added which allows to change the
+  path of the programs to execute for receive-pack and upload-pack on
+  the server, `git_transport_ssh_with_paths()`.
+
+* The ssh transport supports asking the remote host for accepted
+  credential types as well as multiple challeges using a single
+  connection. This requires to know which username you want to connect
+  as, so this introduces the USERNAME credential type which the ssh
+  transport will use to ask for the username.
+
+* The `GIT_EPEEL` error code has been introduced when we cannot peel a tag
+  to the requested object type; if the given object otherwise cannot be
+  peeled, `GIT_EINVALIDSPEC` is returned.
+
+* Introduce `GIT_REPOSITORY_INIT_RELATIVE_GITLINK` to use relative paths
+  when writing gitlinks, as is used by git core for submodules.
+
+* `git_remote_prune()` has been added. See above for description.
+
+
+* Introduce reference transactions, which allow multiple references to
+  be locked at the same time and updates be queued. This also allows
+  us to safely update a reflog with arbitrary contents, as we need to
+  do for stash.
+
+### API removals
+
+* `git_remote_supported_url()` and `git_remote_is_valid_url()` have been
+  removed as they have become essentially useless with rsync-style ssh paths.
+
+* `git_clone_into()` and `git_clone_local_into()` have been removed from the
+  public API in favour of `git_clone callbacks`.
+
+* The option to ignore certificate errors via `git_remote_cert_check()`
+  is no longer present. Instead, `git_remote_callbacks` has gained a new
+  entry which lets the user perform their own certificate checks.
+
+### Breaking API changes
+
+* `git_cherry_pick()` is now `git_cherrypick()`.
+
+* The `git_submodule_update()` function was renamed to
+  `git_submodule_update_strategy()`. `git_submodule_update()` is now used to
+  provide functionalty similar to "git submodule update".
+
+* `git_treebuilder_create()` was renamed to `git_treebuilder_new()` to better
+  reflect it being a constructor rather than something which writes to
+  disk.
+
+* `git_treebuilder_new()` (was `git_treebuilder_create()`) now takes a
+  repository so that it can query repository configuration.
+  Subsequently, `git_treebuilder_write()` no longer takes a repository.
+
+* `git_threads_init()` and `git_threads_shutdown()` have been renamed to
+  `git_libgit2_init()` and `git_libgit2_shutdown()` to better explain what
+  their purpose is, as it's grown to be more than just about threads.
+
+* `git_libgit2_init()` and `git_libgit2_shutdown()` now return the number of
+  initializations of the library, so consumers may schedule work on the
+  first initialization.
+
+* The `git_transport_register()` function no longer takes a priority and takes
+  a URL scheme name (eg "http") instead of a prefix like "http://"
+
+* `git_index_name_entrycount()` and `git_index_reuc_entrycount()` now
+  return size_t instead of unsigned int.
+
+* The `context_lines` and `interhunk_lines` fields in `git_diff`_options are
+  now `uint32_t` instead of `uint16_t`. This allows to set them to `UINT_MAX`,
+  in effect asking for "infinite" context e.g. to iterate over all the
+  unmodified lines of a diff.
+
+* `git_status_file()` now takes an exact path. Use `git_status_list_new()` if
+  pathspec searching is needed.
+
+* `git_note_create()` has changed the position of the notes reference
+  name to match `git_note_remove()`.
+
+* Rename `git_remote_load()` to `git_remote_lookup()` to bring it in line
+  with the rest of the lookup functions.
+
+* `git_remote_rename()` now takes the repository and the remote's
+  current name. Accepting a remote indicates we want to change it,
+  which we only did partially. It is much clearer if we accept a name
+  and no loaded objects are changed.
+
+* `git_remote_delete()` now accepts the repository and the remote's name
+  instead of a loaded remote.
+
+* `git_merge_head` is now `git_annotated_commit`, to better reflect its usage
+  for multiple functions (including rebase)
+
+* The `git_clone_options` struct no longer provides the `ignore_cert_errors` or
+  `remote_name` members for remote customization.
+
+  Instead, the `git_clone_options` struct has two new members, `remote_cb` and
+  `remote_cb_payload`, which allow the caller to completely override the remote
+  creation process. If needed, the caller can use this callback to give their
+  remote a name other than the default (origin) or disable cert checking.
+
+  The `remote_callbacks` member has been preserved for convenience, although it
+  is not used when a remote creation callback is supplied.
+
+* The `git_clone`_options struct now provides `repository_cb` and
+  `repository_cb_payload` to allow the user to create a repository with
+  custom options.
+
+* The `git_push` struct to perform a push has been replaced with
+  `git_remote_upload()`. The refspecs and options are passed as a
+  function argument. `git_push_update_tips()` is now also
+  `git_remote_update_tips()` and the callbacks are in the same struct as
+  the rest.
+
+* The `git_remote_set_transport()` function now sets a transport factory function,
+  rather than a pre-existing transport instance.
+
+* The `git_transport` structure definition has moved into the sys/transport.h
+  file.
+
+* libgit2 no longer automatically sets the OpenSSL locking
+  functions. This is not something which we can know to do. A
+  last-resort convenience function is provided in sys/openssl.h,
+  `git_openssl_set_locking()` which can be used to set the locking.
diff --git a/docs/code_of_conduct.md b/docs/code_of_conduct.md
new file mode 100644
index 000000000..0a0e4ebab
--- /dev/null
+++ b/docs/code_of_conduct.md
@@ -0,0 +1,75 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [libgit2@gmail.com][email]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[email]: mailto:libgit2@gmail.com
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/docs/contributing.md b/docs/contributing.md
new file mode 100644
index 000000000..870abf657
--- /dev/null
+++ b/docs/contributing.md
@@ -0,0 +1,175 @@
+# Welcome to libgit2!
+
+We're making it easy to do interesting things with git, and we'd love to have
+your help.
+
+## Licensing
+
+By contributing to libgit2, you agree to release your contribution under
+the terms of the license.  Except for the `examples` directory, all code
+is released under the [GPL v2 with linking exception](COPYING).
+
+The `examples` code is governed by the
+[CC0 Public Domain Dedication](examples/COPYING), so that you may copy
+from them into your own application.
+
+## Discussion & Chat
+
+We hang out in the
+[`#libgit2`](http://webchat.freenode.net/?channels=#libgit2)) channel on
+irc.freenode.net.
+
+Also, feel free to open an
+[Issue](https://github.com/libgit2/libgit2/issues/new) to start a discussion
+about any concerns you have.  We like to use Issues for that so there is an
+easily accessible permanent record of the conversation.
+
+## Libgit2 Versions
+
+The `master` branch is the main branch where development happens.
+Releases are tagged
+(e.g. [v0.21.0](https://github.com/libgit2/libgit2/releases/tag/v0.21.0) )
+and when a critical bug fix needs to be backported, it will be done on a
+`<tag>-maint` maintenance branch.
+
+## Reporting Bugs
+
+First, know which version of libgit2 your problem is in and include it in
+your bug report.  This can either be a tag (e.g.
+[v0.17.0](https://github.com/libgit2/libgit2/releases/tag/v0.17.0)) or a
+commit SHA
+(e.g. [01be7863](https://github.com/libgit2/libgit2/commit/01be7863)).
+Using [`git describe`](http://git-scm.com/docs/git-describe) is a
+great way to tell us what version you're working with.
+
+If you're not running against the latest `master` branch version,
+please compile and test against that to avoid re-reporting an issue that's
+already been fixed.
+
+It's *incredibly* helpful to be able to reproduce the problem.  Please
+include a list of steps, a bit of code, and/or a zipped repository (if
+possible).  Note that some of the libgit2 developers are employees of
+GitHub, so if your repository is private, find us on IRC and we'll figure
+out a way to help you.
+
+## Pull Requests
+
+Our work flow is a [typical GitHub
+flow](https://guides.github.com/introduction/flow/index.html), where
+contributors fork the [libgit2 repository](https://github.com/libgit2/libgit2),
+make their changes on branch, and submit a
+[Pull Request](https://help.github.com/articles/using-pull-requests)
+(a.k.a. "PR").  Pull requests should usually be targeted at the `master`
+branch.
+
+Life will be a lot easier for you (and us) if you follow this pattern
+(i.e. fork, named branch, submit PR).  If you use your fork's `master`
+branch directly, things can get messy.
+
+Please include a nice description of your changes when you submit your PR;
+if we have to read the whole diff to figure out why you're contributing
+in the first place, you're less likely to get feedback and have your change
+merged in.
+
+In addition to outlining your thought process in the PR's description, please
+also try to document it in your commits. We welcome it if every commit has a
+description of why you have been doing your changes alongside with your
+reasoning why this is a good idea. The messages shall be written in
+present-tense and in an imperative style (e.g. "Add feature foobar", not "Added
+feature foobar" or "Adding feature foobar"). Lines should be wrapped at 80
+characters so people with small screens are able to read the commit messages in
+their terminal without any problem.
+
+To make it easier to attribute commits to certain parts of our code base, we
+also prefer to have the commit subject be prefixed with a "scope". E.g. if you
+are changing code in our merging subsystem, make sure to prefix the subject with
+"merge:". The first word following the colon shall start with an lowercase
+letter. The maximum line length for the subject is 70 characters, preferably
+shorter.
+
+If you are starting to work on a particular area, feel free to submit a PR
+that highlights your work in progress (and note in the PR title that it's
+not ready to merge). These early PRs are welcome and will help in getting
+visibility for your fix, allow others to comment early on the changes and
+also let others know that you are currently working on something.
+
+Before wrapping up a PR, you should be sure to:
+
+* Write tests to cover any functional changes
+* Update documentation for any changed public APIs
+* Add to the [`changelog.md`](changelog.md) file describing any major changes
+
+## Unit Tests
+
+We believe that our unit tests allow us to keep the quality of libgit2
+high: any new changes must not cause unit test failures, and new changes
+should include unit tests that cover the bug fixes or new features.
+For bug fixes, we prefer unit tests that illustrate the failure before
+the change, but pass with your changes.
+
+In addition to new tests, please ensure that your changes do not cause
+any other test failures.  Running the entire test suite is helpful
+before you submit a pull request.  When you build libgit2, the test
+suite will also be built.  You can run most of the tests by simply running
+the resultant `libgit2_clar` binary.  If you want to run a specific
+unit test, you can name it with the `-s` option.  For example:
+
+    libgit2_clar -sstatus::worktree::long_filenames
+
+Or you can run an entire class of tests.  For example, to run all the
+worktree status tests:
+
+    libgit2_clar -sstatus::worktree
+
+The default test run is fairly exhaustive, but it will exclude some
+unit tests by default: in particular, those that talk to network
+servers and the tests that manipulate the filesystem in onerous
+ways (and may need to have special privileges to run).  To run the
+network tests:
+
+    libgit2_clar -ionline
+
+In addition, various tests may be enabled by environment variables,
+like the ones that write exceptionally large repositories or manipulate
+the filesystem structure in unexpected ways.  These tests *may be
+dangerous* to run on a normal machine and may harm your filesystem.  It's
+not recommended that you run these; instead, the continuous integration
+servers will run these (in a sandbox).
+
+## Porting Code From Other Open-Source Projects
+
+`libgit2` is licensed under the terms of the GPL v2 with a linking
+exception.  Any code brought in must be compatible with those terms.
+
+The most common case is porting code from core Git.  Git is a pure GPL
+project, which means that in order to port code to this project, we need the
+explicit permission of the author.  Check the
+[`git.git-authors`](https://github.com/libgit2/libgit2/blob/development/git.git-authors)
+file for authors who have already consented.
+
+Other licenses have other requirements; check the license of the library
+you're porting code *from* to see what you need to do.  As a general rule,
+MIT and BSD (3-clause) licenses are typically no problem.  Apache 2.0
+license typically doesn't work due to GPL incompatibility.
+
+If your pull request uses code from core Git, another project, or code
+from a forum / Stack Overflow, then *please* flag this in your PR and make
+sure you've given proper credit to the original author in the code
+snippet.
+
+## Style Guide
+
+The public API of `libgit2` is [ANSI C](http://en.wikipedia.org/wiki/ANSI_C)
+(a.k.a. C89) compatible.  Internally, `libgit2` is written using a portable
+subset of C99 - in order to compile with GCC, Clang, MSVC, etc., we keep
+local variable declarations at the tops of blocks only and avoid `//` style
+comments.  Additionally, `libgit2` follows some extra conventions for
+function and type naming, code formatting, and testing.
+
+We like to keep the source code consistent and easy to read.  Maintaining
+this takes some discipline, but it's been more than worth it.  Take a look
+at the [conventions file](conventions.md).
+
+## Starter Projects
+
+See our [projects list](projects.md).
diff --git a/docs/conventions.md b/docs/conventions.md
new file mode 100644
index 000000000..ffb696a4d
--- /dev/null
+++ b/docs/conventions.md
@@ -0,0 +1,266 @@
+# Libgit2 Conventions
+
+We like to keep the source consistent and readable.  Herein are some
+guidelines that should help with that.
+
+## External API
+
+We have a few rules to avoid surprising ways of calling functions and
+some rules for consumers of the library to avoid stepping on each
+other's toes.
+
+ - Property accessors return the value directly (e.g. an `int` or
+   `const char *`) but if a function can fail, we return a `int` value
+   and the output parameters go first in the parameter list, followed
+   by the object that a function is operating on, and then any other
+   arguments the function may need.
+
+ - If a function returns an object as a return value, that function is
+   a getter and the object's lifetime is tied to the parent
+   object. Objects which are returned as the first argument as a
+   pointer-to-pointer are owned by the caller and it is responsible
+   for freeing it. Strings are returned via `git_buf` in order to
+   allow for re-use and safe freeing.
+
+ - Most of what libgit2 does relates to I/O so as a general rule
+   you should assume that any function can fail due to errors as even
+   getting data from the filesystem can result in all sorts of errors
+   and complex failure cases.
+
+ - Paths inside the Git system are separated by a slash (0x2F). If a
+   function accepts a path on disk, then backslashes (0x5C) are also
+   accepted on Windows.
+
+ - Do not mix allocators. If something has been allocated by libgit2,
+   you do not know which is the right free function in the general
+   case. Use the free functions provided for each object type.
+
+## Compatibility
+
+`libgit2` runs on many different platforms with many different compilers.
+
+The public API of `libgit2` is [ANSI C](http://en.wikipedia.org/wiki/ANSI_C)
+(a.k.a. C89) compatible.
+
+Internally, `libgit2` is written using a portable subset of C99 - in order
+to maximize compatibility (e.g. with MSVC) we avoid certain C99
+extensions.  Specifically, we keep local variable declarations at the tops
+of blocks only and we avoid `//` style comments.
+
+Also, to the greatest extent possible, we try to avoid lots of `#ifdef`s
+inside the core code base.  This is somewhat unavoidable, but since it can
+really hamper maintainability, we keep it to a minimum.
+
+## Match Surrounding Code
+
+If there is one rule to take away from this document, it is *new code should
+match the surrounding code in a way that makes it impossible to distinguish
+the new from the old.* Consistency is more important to us than anyone's
+personal opinion about where braces should be placed or spaces vs. tabs.
+
+If a section of code is being completely rewritten, it is okay to bring it
+in line with the standards that are laid out here, but we will not accept
+submissions that contain a large number of changes that are merely
+reformatting.
+
+## Naming Things
+
+All external types and functions start with `git_` and all `#define` macros
+start with `GIT_`.  The `libgit2` API is mostly broken into related
+functional modules each with a corresponding header.  All functions in a
+module should be named like `git_modulename_functioname()`
+(e.g. `git_repository_open()`).
+
+Functions with a single output parameter should name that parameter `out`.
+Multiple outputs should be named `foo_out`, `bar_out`, etc.
+
+Parameters of type `git_oid` should be named `id`, or `foo_id`.  Calls that
+return an OID should be named `git_foo_id`.
+
+Where a callback function is used, the function should also include a
+user-supplied extra input that is a `void *` named "payload" that will be
+passed through to the callback at each invocation.
+
+## Typedefs
+
+Wherever possible, use `typedef`.  In some cases, if a structure is just a
+collection of function pointers, the pointer types don't need to be
+separately typedef'd, but loose function pointer types should be.
+
+## Exports
+
+All exported functions must be declared as:
+
+```c
+GIT_EXTERN(result_type) git_modulename_functionname(arg_list);
+```
+
+## Internals
+
+Functions whose *modulename* is followed by two underscores,
+for example `git_odb__read_packed`, are semi-private functions.
+They are primarily intended for use within the library itself,
+and may disappear or change their signature in a future release.
+
+## Parameters
+
+Out parameters come first.
+
+Whenever possible, pass argument pointers as `const`.  Some structures (such
+as `git_repository` and `git_index`) have mutable internal structure that
+prevents this.
+
+Callbacks should always take a `void *` payload as their last parameter.
+Callback pointers are grouped with their payloads, and typically come last
+when passed as arguments:
+
+```c
+int git_foo(git_repository *repo, git_foo_cb callback, void *payload);
+```
+
+## Memory Ownership
+
+Some APIs allocate memory which the caller is responsible for freeing; others
+return a pointer into a buffer that's owned by some other object.  Make this
+explicit in the documentation.
+
+## Return codes
+
+Most public APIs should return an `int` error code.  As is typical with most
+C library functions, a zero value indicates success and a negative value
+indicates failure.
+
+Some bindings will transform these returned error codes into exception
+types, so returning a semantically appropriate error code is important.
+Check
+[`include/git2/errors.h`](https://github.com/libgit2/libgit2/blob/development/include/git2/errors.h)
+for the return codes already defined.
+
+In your implementation, use `giterr_set()` to provide extended error
+information to callers.
+
+If a `libgit2` function internally invokes another function that reports an
+error, but the error is not propagated up, use `giterr_clear()` to prevent
+callers from getting the wrong error message later on.
+
+
+## Structs
+
+Most public types should be opaque, e.g.:
+
+```C
+typedef struct git_odb git_odb;
+```
+
+...with allocation functions returning an "instance" created within
+the library, and not within the application.  This allows the type
+to grow (or shrink) in size without rebuilding client code.
+
+To preserve ABI compatibility, include an `int version` field in all opaque
+structures, and initialize to the latest version in the construction call.
+Increment the "latest" version whenever the structure changes, and try to only
+append to the end of the structure.
+
+## Option Structures
+
+If a function's parameter count is too high, it may be desirable to package
+up the options in a structure.  Make them transparent, include a version
+field, and provide an initializer constant or constructor.  Using these
+structures should be this easy:
+
+```C
+git_foo_options opts = GIT_FOO_OPTIONS_INIT;
+opts.baz = BAZ_OPTION_ONE;
+git_foo(&opts);
+```
+
+## Enumerations
+
+Typedef all enumerated types.  If each option stands alone, use the enum
+type for passing them as parameters; if they are flags to be OR'ed together,
+pass them as `unsigned int` or `uint32_t` or some appropriate type.
+
+## Code Layout
+
+Try to keep lines less than 80 characters long.  This is a loose
+requirement, but going significantly over 80 columns is not nice.
+
+Use common sense to wrap most code lines; public function declarations
+can use a couple of different styles:
+
+```c
+/** All on one line is okay if it fits */
+GIT_EXTERN(int) git_foo_simple(git_oid *id);
+
+/** Otherwise one argument per line is a good next step */
+GIT_EXTERN(int) git_foo_id(
+	git_oid **out,
+	int a,
+	int b);
+```
+
+Indent with tabs; set your editor's tab width to 4 for best effect.
+
+Avoid trailing whitespace and only commit Unix-style newlines (i.e. no CRLF
+in the repository - just set `core.autocrlf` to true if you are writing code
+on a Windows machine).
+
+## Documentation
+
+All comments should conform to Doxygen "javadoc" style conventions for
+formatting the public API documentation.  Try to document every parameter,
+and keep the comments up to date if you change the parameter list.
+
+## Public Header Template
+
+Use this template when creating a new public header.
+
+```C
+#ifndef INCLUDE_git_${filename}_h__
+#define INCLUDE_git_${filename}_h__
+
+#include "git/common.h"
+
+/**
+ * @file git/${filename}.h
+ * @brief Git some description
+ * @defgroup git_${filename} some description routines
+ * @ingroup Git
+ * @{
+ */
+GIT_BEGIN_DECL
+
+/* ... definitions ... */
+
+/** @} */
+GIT_END_DECL
+#endif
+```
+
+## Inlined functions
+
+All inlined functions must be declared as:
+
+```C
+GIT_INLINE(result_type) git_modulename_functionname(arg_list);
+```
+
+`GIT_INLINE` (or `inline`) should not be used in public headers in order
+to preserve ANSI C compatibility.
+
+## Tests
+
+`libgit2` uses the [clar](https://github.com/vmg/clar) testing framework.
+
+All PRs should have corresponding tests.
+
+* If the PR fixes an existing issue, the test should fail prior to applying
+  the PR and succeed after applying it.
+* If the PR is for new functionality, then the tests should exercise that
+  new functionality to a certain extent.  We don't require 100% coverage
+  right now (although we are getting stricter over time).
+
+When adding new tests, we prefer if you attempt to reuse existing test data
+(in `tests-clar/resources/`) if possible.  If you are going to add new test
+repositories, please try to strip them of unnecessary files (e.g. sample
+hooks, etc).
diff --git a/docs/projects.md b/docs/projects.md
new file mode 100644
index 000000000..1b9f47648
--- /dev/null
+++ b/docs/projects.md
@@ -0,0 +1,93 @@
+Projects For LibGit2
+====================
+
+So, you want to start helping out with `libgit2`? That's fantastic! We
+welcome contributions and we promise we'll try to be nice.
+
+This is a list of libgit2 related projects that new contributors can take
+on.  It includes a number of good starter projects as well as some larger
+ideas that no one is actively working on.
+
+## Before You Start
+
+Please start by reading the [README.md](../README.md),
+[contributing.md](contributing.md), and [conventions.md](conventions.md)
+files before diving into one of these projects.  Those explain our work
+flow and coding conventions to help ensure that your work will be easily
+integrated into libgit2.
+
+Next, work through the build instructions and make sure you can clone the
+repository, compile it, and run the tests successfully.  That will make
+sure that your development environment is set up correctly and you are
+ready to start on libgit2 development.
+
+## Starter Projects
+
+These are good small projects to get started with libgit2.
+
+* Look at the `examples/` programs, find an existing one that mirrors a
+  core Git command and add a missing command-line option.  There are many
+  gaps right now and this helps demonstrate how to use the library.  Here
+  are some specific ideas (though there are many more):
+    * Fix the `examples/diff.c` implementation of the `-B`
+      (a.k.a. `--break-rewrites`) command line option to actually look for
+      the optional `[<n>][/<m>]` configuration values. There is an
+      existing comment that reads `/* TODO: parse thresholds */`. The
+      trick to this one will be doing it in a manner that is clean and
+      simple, but still handles the various cases correctly (e.g. `-B/70%`
+      is apparently a legal setting).
+    * As an extension to the matching idea for `examples/log.c`, add the
+      `-i` option to use `strcasestr()` for matches.
+    * For `examples/log.c`, implement the `--first-parent` option now that
+      libgit2 supports it in the revwalk API.
+* Pick a Git command that is not already emulated in `examples/` and write
+  a new example that mirrors the behavior.  Examples don't have to be
+  perfect emulations, but should demonstrate how to use the libgit2 APIs
+  to get results that are similar to Git commands.  This lets you (and us)
+  easily exercise a particular facet of the API and measure compatibility
+  and feature parity with core git.
+* Submit a PR to clarify documentation! While we do try to document all of
+  the APIs, your fresh eyes on the documentation will find areas that are
+  confusing much more easily.
+
+If none of these appeal to you, take a look at our issues list to see if
+there are any unresolved issues you'd like to jump in on.
+
+## Larger Projects
+
+These are ideas for larger projects mostly taken from our backlog of
+[Issues](https://github.com/libgit2/libgit2/issues).  Please don't dive
+into one of these as a first project for libgit2 - we'd rather get to
+know you first by successfully shipping your work on one of the smaller
+projects above.
+
+Some of these projects are broken down into subprojects and/or have
+some incremental steps listed towards the larger goal.  Those steps
+might make good smaller projects by themselves.
+
+* Port part of the Git test suite to run against the command line emulation
+  in `examples/`
+    * Pick a Git command that is emulated in our `examples/` area
+    * Extract the Git tests that exercise that command
+    * Convert the tests to call our emulation
+    * These tests could go in `examples/tests/`...
+* Add hooks API to enumerate and manage hooks (not run them at this point)
+    * Enumeration of available hooks
+    * Lookup API to see which hooks have a script and get the script
+    * Read/write API to load a hook script and write a hook script
+    * Eventually, callback API to invoke a hook callback when libgit2
+      executes the action in question
+* Isolate logic of ignore evaluation into a standalone API
+* Upgrade internal libxdiff code to latest from core Git
+* Tree builder improvements:
+    * Extend to allow building a tree hierarchy
+* Apply-patch API
+* Add a patch editing API to enable "git add -p" type operations
+* Textconv API to filter binary data before generating diffs (something
+  like the current Filter API, probably).
+* Performance profiling and improvement
+* Support "git replace" ref replacements
+* Include conflicts in diff results and in status
+    * GIT_DELTA_CONFLICT for items in conflict (with multiple files)
+    * Appropriate flags for status
+* Support sparse checkout (i.e. "core.sparsecheckout" and ".git/info/sparse-checkout")
diff --git a/docs/release.md b/docs/release.md
index 9c5b6a7ca..a8eff056d 100644
--- a/docs/release.md
+++ b/docs/release.md
@@ -15,8 +15,8 @@ We aim to release once every six months. We start the process by opening an issu
     - [ ] Make a release candidate
     - [ ] Plug any final leaks
     - [ ] Fix any last-minute issues
-    - [ ] Make sure CHANGELOG reflects everything worth discussing
-    - [ ] Update the version in CHANGELOG and the header
+    - [ ] Make sure changelog.md reflects everything worth discussing
+    - [ ] Update the version in changelog.md and the header
     - [ ] Produce a release candidate
     - [ ] Tag
     - [ ] Create maint/v0.X
@@ -26,13 +26,13 @@ We tag at least one release candidate. This RC must carry the new version in the
 
 Preparing the first release candidate includes updating the version number of libgit2 to the new version number. To do so, a pull request shall be submitted that adjusts the version number in the following places:
 
-- CHANGELOG.md
+- docs/changelog.md
 - include/git2/version.h
 - package.json
 
 As soon as the pull request is merged, the merge commit shall be tagged with a lightweight tag.
 
-The tagging happens via GitHub's "releases" tab which lets us attach release notes to a particular tag. In the description we include the changes in `CHANGELOG.md` between the last full release. Use the following as a base for the release notes
+The tagging happens via GitHub's "releases" tab which lets us attach release notes to a particular tag. In the description we include the changes in `docs/changelog.md` between the last full release. Use the following as a base for the release notes
 
     This is the first release of the v0.X series, <codename>. The changelog follows.
 
diff --git a/docs/threading.md b/docs/threading.md
new file mode 100644
index 000000000..430bca858
--- /dev/null
+++ b/docs/threading.md
@@ -0,0 +1,115 @@
+Threads in libgit2
+==================
+
+You may safely use any libgit2 object from any thread, though there
+may be issues depending on the cryptographic libraries libgit2 or its
+dependencies link to (more on this later). For libgit2 itself,
+provided you take the following into consideration you won't run into
+issues:
+
+Sharing objects
+---------------
+
+Use an object from a single thread at a time. Most data structures do
+not guard against concurrent access themselves. This is because they
+are rarely used in isolation and it makes more sense to synchronize
+access via a larger lock or similar mechanism.
+
+There are some objects which are read-only/immutable and are thus safe
+to share across threads, such as references and configuration
+snapshots.
+
+Error messages
+--------------
+
+The error message is thread-local. The `giterr_last()` call must
+happen on the same thread as the error in order to get the
+message. Often this will be the case regardless, but if you use
+something like the [GCD](http://en.wikipedia.org/wiki/Grand_Central_Dispatch)
+on Mac OS X (where code is executed on an arbitrary thread), the code
+must make sure to retrieve the error code on the thread where the error
+happened.
+
+Threads and cryptographic libraries
+=======================================
+
+On Windows
+----------
+
+When built as a native Windows DLL, libgit2 uses WinCNG and WinHTTP,
+both of which are thread-safe. You do not need to do anything special.
+
+When using libssh2 which itself uses WinCNG, there are no special
+steps necessary. If you are using a MinGW or similar environment where
+libssh2 uses OpenSSL or libgcrypt, then the general case affects
+you.
+
+On Mac OS X
+-----------
+
+By default we use libcurl to perform the encryption. The
+system-provided libcurl uses SecureTransport, so no special steps are
+necessary. If you link against another libcurl (e.g. from homebrew)
+refer to the general case.
+
+If the option to use libcurl was deactivated, the library makes use of
+CommonCrypto and SecureTransport for cryptographic support. These are
+thread-safe and you do not need to do anything special.
+
+Note that libssh2 may still use OpenSSL itself. In that case, the
+general case still affects you if you use ssh.
+
+General Case
+------------
+
+If it's available, by default we use libcurl to provide HTTP tunneling support,
+which may be linked against a number of cryptographic libraries and has its
+own
+[recommendations for thread safety](https://curl.haxx.se/libcurl/c/threadsafe.html).
+
+If there are no alternative TLS implementations (currently only
+SecureTransport), libgit2 uses OpenSSL in order to use HTTPS as a transport.
+OpenSSL is thread-safe starting at version 1.1.0. If your copy of libgit2 is
+linked against that version, you do not need to take any further steps.
+
+Older versions of OpenSSL are made to be thread-implementation agnostic, and the
+users of the library must set which locking function it should use. libgit2
+cannot know what to set as the user of libgit2 may also be using OpenSSL independently and
+the locking settings must then live outside the lifetime of libgit2.
+
+Even if libgit2 doesn't use OpenSSL directly, OpenSSL can still be used by
+libssh2 or libcurl depending on the configuration. If OpenSSL is used by
+more than one library, you only need to set up threading for OpenSSL once.
+
+If libgit2 is linked against OpenSSL, it provides a last-resort convenience function
+`git_openssl_set_locking()` (available in `sys/openssl.h`) to use the
+platform-native mutex mechanisms to perform the locking, which you can use
+if you do not want to use OpenSSL outside of libgit2, or you
+know that libgit2 will outlive the rest of the operations. It is then not
+safe to use OpenSSL multi-threaded after libgit2's shutdown function
+has been called.  Note `git_openssl_set_locking()` only works if
+libgit2 uses OpenSSL directly - if OpenSSL is only used as a dependency
+of libssh2 or libcurl as described above, `git_openssl_set_locking()` is a no-op.
+
+If your programming language offers a package/bindings for OpenSSL,
+you should very strongly prefer to use that in order to set up
+locking, as they provide a level of coordination which is impossible
+when using this function.
+
+See the
+[OpenSSL documentation](https://www.openssl.org/docs/crypto/threads.html)
+on threading for more details, and http://trac.libssh2.org/wiki/MultiThreading
+for a specific example of providing the threading callbacks.
+
+libssh2 may be linked against OpenSSL or libgcrypt. If it uses OpenSSL,
+see the above paragraphs. If it uses libgcrypt, then you need to
+set up its locking before using it multi-threaded. libgit2 has no
+direct connection to libgcrypt and thus has no convenience functions for
+it (but libgcrypt has macros). Read libgcrypt's
+[threading documentation for more information](http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html)
+
+It is your responsibility as an application author or packager to know
+what your dependencies are linked against and to take the appropriate
+steps to ensure the cryptographic libraries are thread-safe. We agree
+that this situation is far from ideal but at this time it is something
+the application authors need to deal with.
diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md
new file mode 100644
index 000000000..085fff831
--- /dev/null
+++ b/docs/troubleshooting.md
@@ -0,0 +1,13 @@
+Troubleshooting libgit2 Problems
+================================
+
+CMake Failures
+--------------
+
+* **`Asked for OpenSSL TLS backend, but it wasn't found`**
+  CMake cannot find your SSL/TLS libraries.  By default, libgit2 always
+  builds with HTTPS support, and you are encouraged to install the
+  OpenSSL libraries for your system (eg, `apt-get install libssl-dev`).
+
+  For development, if you simply want to disable HTTPS support entirely,
+  pass the `-DUSE_HTTPS=OFF` argument to `cmake` when configuring it.