Google Git
Sign in
gerrit / gerrit / 05bc211a5bed0db3a06ad46c79676d735484d9d2
commit05bc211a5bed0db3a06ad46c79676d735484d9d2[log] [tgz]
authorEdwin Kempin <ekempin@google.com>Mon Feb 19 16:14:03 2024 +0000
committerEdwin Kempin <ekempin@google.com>Fri Apr 12 07:16:58 2024 +0000
treec980f04dfecb9c6848faea9df2ea2dc7a2de13c6
parent22e19f2965b1ad1a53db8a083b6ed08f1b13ccf6 [diff]
Fix endless loop when using "is:watched" in project watches

The "is:watched" predicate matches changes that are being watched.

To match changes that are being watched the "is:watched" predicate is
expanded to an OR query that has one "project:<watched-project>
<project-watch-filter>" predicate per project watch
("project:<watched-project>" is omitted if the project watch is the
All-Projects project, "<project-watch-filter>" is omitted if the project
watch doesn't set a filter). This expansion happens when the
IsWatchedByPredicate is instantiated. Expanding the query requires
loading the project watches of the user and parsing the filter (to
convert the filter string into Predicates).

If the filter of a project watch used the "is:watched" predicate,
querying changes by "is:watched" or checking whether a change matches
the project watch triggered an endless loop: If "is:watched" is used
ChangeQueryBuilder.parse creates an IsWatchedByPredicate instance (in
the is(String) method), which is expanded to the OR query (in the
IsWatchedByPredicate constructor), which requires parsing the project
watch filters. Parsing the project watch filters was done by
ChangeQueryBuilder.parse which creates another IsWatchedByPredicate
instance (in the is(String) method), which is again expanded to the OR
query (in the IsWatchedByPredicate constructor), which again requires
parsing the project watch filters, starting the loop anew.

To fix this we:

1. Disallow using "is:watched" in ProjectWatch.WatcherChangeQueryBuilder
   which is a subclass of ChangeQueryBuilder.parse used to check whether
   a change matches a project watch.

2. Change IsWatchedByPredicate to use
   ProjectWatch.WatcherChangeQueryBuilder to parse the project watch
   filters instead of ChangeQueryBuilder.

Using ProjectWatch.WatcherChangeQueryBuilder in IsWatchedByPredicate
makes the matching logic for project watches when a change is updated
consistent with the matching logic for project watches when "is:watched"
is used in a regular change query.

By disallowing "is:watched" in ProjectWatch.WatcherChangeQueryBuilder
project watches that use "is:watched" in their filter do not match any
change now. Before this change they triggered an endless loop, affecting
the stability of the service.

Note, IsWatchedByPredicate did have a check to prevent an endless loop
in this case, but it didn't work since the endless loop happened before
this check was reached.

Bug: Issue 321784734
Release-Notes: Fix endless loop when using "is:watched" in project watches
Change-Id: Ie38535b2df123a62dfd6a6e4b4ee60a80b0254f3
Signed-off-by: Edwin Kempin <ekempin@google.com>
4 files changed
tree: c980f04dfecb9c6848faea9df2ea2dc7a2de13c6
  1. .settings/
  2. .ts-out/
  3. antlr3/
  4. contrib/
  5. Documentation/
  6. e2e-tests/
  7. java/
  8. javatests/
  9. lib/
  10. modules/
  11. plugins/
  12. polygerrit-ui/
  13. prolog/
  14. prologtests/
  15. proto/
  16. resources/
  17. tools/
  18. webapp/
  19. polymer-bridges
  20. .bazelignore
  21. .bazelproject
  22. .bazelrc
  23. .bazelversion
  24. .editorconfig
  25. .git-blame-ignore-revs
  26. .gitignore
  27. .gitmodules
  28. .gitreview
  29. .pydevproject
  30. .zuul.yaml
  31. BUILD
  32. COPYING
  33. INSTALL
  34. Jenkinsfile
  35. package.json
  36. README.md
  37. SUBMITTING_PATCHES
  38. version.bzl
  39. web-dev-server.config.mjs
  40. WORKSPACE
  41. yarn.lock
README.md

Gerrit Code Review

Gerrit is a code review and project management tool for Git based projects.

Build Status Maven Central

Objective

Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer.

Documentation

For information about how to install and use Gerrit, refer to the documentation.

Source

Our canonical Git repository is located on googlesource.com. There is a mirror of the repository on Github.

Reporting bugs

Please report bugs on the issue tracker.

Contribute

Gerrit is the work of hundreds of contributors. We appreciate your help!

Please read the contribution guidelines.

Note that we do not accept Pull Requests via the Github mirror.

Getting in contact

The Developer Mailing list is repo-discuss on Google Groups.

License

Gerrit is provided under the Apache License 2.0.

Build

Install Bazel and run the following:

    git clone --recurse-submodules https://gerrit.googlesource.com/gerrit
    cd gerrit && bazel build release

Install binary packages (Deb/Rpm)

The instruction how to configure GerritForge/BinTray repositories is here

On Debian/Ubuntu run:

    apt-get update && apt-get install gerrit=<version>-<release>

NOTE: release is a counter that starts with 1 and indicates the number of packages that have been released with the same version of the software.

On CentOS/RedHat run:

    yum clean all && yum install gerrit-<version>[-<release>]

On Fedora run:

    dnf clean all && dnf install gerrit-<version>[-<release>]

Use pre-built Gerrit images on Docker

Docker images of Gerrit are available on DockerHub

To run a CentOS 8 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-centos8

To run a Ubuntu 20.04 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-ubuntu20

NOTE: release is optional. Last released package of the version is installed if the release number is omitted.