Draft 2.1.2 release notes
Change-Id: Ifb29b1b3879c65ba957dc71f9c58fde8d7e102a6
Signed-off-by: Shawn O. Pearce <sop@google.com>
diff --git a/Documentation/access-control.txt b/Documentation/access-control.txt
index 4ac6cac..931ca3f 100644
--- a/Documentation/access-control.txt
+++ b/Documentation/access-control.txt
@@ -479,6 +479,7 @@
the lowest negative value if present blocks a submit, while the
highest positive value is required to enable submit.
+[[function_MaxNoBlock]]
There is also a `MaxNoBlock` category which still requires the
highest positive value to submit, but the lowest negative value will
not block the change, and does not carry over between patch sets.
diff --git a/ReleaseNotes/ReleaseNotes-2.1.2.txt b/ReleaseNotes/ReleaseNotes-2.1.2.txt
new file mode 100644
index 0000000..1736360
--- /dev/null
+++ b/ReleaseNotes/ReleaseNotes-2.1.2.txt
@@ -0,0 +1,424 @@
+Release notes for Gerrit 2.1.2
+==============================
+
+Gerrit 2.1.2 is now available in the usual location:
+
+link:http://code.google.com/p/gerrit/downloads/list[http://code.google.com/p/gerrit/downloads/list]
+
+Schema Change
+-------------
+
+*WARNING* This release contains multiple schema changes. To upgrade:
+----
+ java -jar gerrit.war init -d site_path
+----
+
+
+Breakages
+---------
+
+* issue 421 Force validation of the author and committer lines
++
+The author line must now match the authenticated user when uploading a
+change, and both author and committer must match when pushing directly
+into a branch with the Push Branch permission. This is a new
+restriction that did not exist in prior versions and was necessary to
+close a hole that permitted users to completely forge commits if they
+had Push Branch +1 granted.
++
+Project owners may grant the new Forge Identity permission to permit a
+user group to forge the author and/or committer lines in commit
+objects they are pushing for review, or directly into a branch. To
+match prior behavior grant Forge Identity +1 where Read +2 (Upload)
+exists, and Forge Identity +2 where Push Branch >= +1 exists.
+
+
+New Features
+------------
+
+UI
+~~
+
+* issue 169 Highlight line-level (aka word) differences in files
++
+Differences within a replaced line are now highlighted with a brighter
+red or green background color. The highlighting algorithm is still
+crude and could benefit from more fine-tuning, as its largely driven
+by a simple Myers O(ND) character difference over the replaced lines.
+
+* issue 408 Show summary of code review, verified on all open changes
++
+The open changes views now show the status summary columns, just like
+a user dashboard shows. This requires an extra RPC per page display,
+but can save user time when trying to identify which reviews should be
+examined.
+
+* Only enable 'Delete' button when there are selections
++
+In Settings panels the delete button is enabled only if at least one
+row has been selected to be removed.
+
+* SSH commands stop option parsing on \--
++
+Like most POSIX commands, `\--` now signifies the end of options for
+any command accessible over SSH.
+
+* issue 416 Add download links to side-by-side viewer
++
+The side-by-side viewer now offers links to download the complete file
+of either the left or right side. To protect the users from malicious
+cross-site scripting attacks, the download links force the content to
+be wrapped inside of a ZIP archive with a randomized file name.
+Server administrators may use the mimetype.safe configuration setting
+to avoid this wrapping if they trust users to only upload safe file
+content.
+
+* Include formatted HTML documentation in WAR
++
+Official release WARs now contain the formatted HTML documentation,
+and a 'Documentation' menu will display in the main UI (alongside
+'All', 'My', 'Admin') to help users access the local copy rather
+than jumping to the remote Google Code project site.
+
+* Enhanced patch set download commands
++
+Download commands for patch sets are now offered as a tabbed panel,
+allowing the user to select between 'repo download', 'git pull',
+or 'git fetch ... && git cherry-pick' styles, as well as to select
+the transport protocol used, including anonymous Git or HTTP, or
+authenticated SSH or HTTP. The current selections are remembered
+for signed-in users, permitting end-users to quickly reuse their
+preferred method of grabbing a patch set.
+
+* issue 405 Add canned per-line comment reply of 'Done'
+* issue 380 Use N/P to jump to next/previous comments
+
+Permissions
+~~~~~~~~~~~
+
+* issue 60 Change permissions to be branch based
++
+Almost all permissions are now per-branch within each project. This
+includes Code Review, Verified, Submit, Push Branch, and even Owner.
+Permissions can be set on a specific branch, or on a wildcard that
+matches all branches that start with that prefix. Read permission is
+still handled at the project level, but future versions should support
+per-branch read access as well.
+
+* MaxNoBlock category for advisory review levels
++
+The new MaxNoBlock category function can be used in a custom approval
+category for reviews that are performed by automated lint tools.
+See link:http://gerrit.googlecode.com/svn/documentation/2.1.2/access-control.html#function_MaxNoBlock[access control]
+for more details on this function.
+
+Remote Access
+~~~~~~~~~~~~~
+
+* Enable smart HTTP under /p/ URLs
++
+Git 1.6.6 and later support a more efficient HTTP protocol for both
+fetch/clone and push, by relying upon Git specific server side logic.
+Gerrit Code Review now includes the necessary server side support when
+accessing repositories using URLs of the form
+`http://review.example.com/p/'$projectname'.git`.
++
+Authentication over smart HTTP URLs is performed using standard HTTP
+digest authentication, with the username matching the SSH username,
+but the password coming from a field that is generated by Gerrit and
+accessible to the user on their Settings > SSH Keys tab.
++
+Smart HTTP requests enter the same resource queue as SSH requests,
+using the embedded Jetty server to suspend the request and later
+resume it when processing resources are available. This ensures HTTP
+repository requests don't overtax the server when made concurrently
+with SSH requests.
+
+* issue 392 Make hooks/commit-msg available over HTTP
++
+The scp filesystem holding client side tools and hooks is now
+avaliable over `http://review.example.com/tools/'$name'`. User
+documentation was updated with example URLs.
+
+Server Administration
+~~~~~~~~~~~~~~~~~~~~~
+
+* issue 383 Add event hook support
++
+Site administrator managed hook scripts can now be invoked at various
+points in processing. Currently these scripts are informational only
+and cannot influence the outcome of an event. For more details see
+link:http://gerrit.googlecode.com/svn/documentation/2.1.2/config-hooks.html[hooks].
+
+* Log HTTP activity to $site_path/logs/httpd_log
++
+When httpd.listenUrl is http:// or https://, requests are logged into
+`'$site_path'/logs/httpd_log`. This mirrors the behavior of the SSH
+daemon, which also logs requests into the same directory. For proxy
+URLs HTTP requests aren't logged, since the front-end server should be
+handling the logging. Logging can be forced on, or forced off by
+setting link:http://gerrit.googlecode.com/svn/documentation/2.1.2/config-gerrit.html#httpd.requestLog[httpd.requestLog].
+
+* Allow the daemon's host key to authenticate to itself
++
+The SSH daemon's host key can now be used to authenticate as the magic
+user `Gerrit Code Review`. This user identity is blessed as even more
+powerful than a site administrator, as using it requires access to the
+private half of the host key. For example:
++
+----
+ ssh -p 29418 -i site_path/etc/ssh_host_rsa_key 'Gerrit Code Review'@localhost gerrit flush-caches --all
+----
+
+* Allow $site_path/etc/peer_keys to authenticate peer daemons
++
+Additional public keys for the magical 'Gerrit Code Review' user may
+be specified in an OpenSSH authorized_keys style file and are
+functionally equivilent to authenticating with the daemon's host key.
+The keys are primarily intended to be other daemons, most likely
+slaves, that share the same set of repositories and database.
+
+* Allow suexec to run any command as any user
++
+The new SSH based suexec command can only be invoked by the magic user
+`Gerrit Code Review` and permits executing any other command as any
+other registered user account. This forms the foundation of allowing
+a slave daemon process to transparently proxy any write request from a
+client forward to the current master.
++
+The transparent proxy support is not yet implemented in the slave.
+
+
+Bug Fixes
+---------
+
+* issue 448 Disable syntax highlighting on unified views
++
+Syntax highlighting in the unified patch view isn't useful if it hides
+the added and removed lines red/green text color. Disable it entirely
+so the add/remove coloring shows up instead.
+
+* Send missing dependencies to owners if they are the only reviewer
++
+If the owner of the change is the only reviewer and the change can't
+be submitted due to a missing dependency, Gerrit failed to send out an
+email notification. Fixed.
+
+* issue 385 Delete session cookie when session is expired
++
+If the session expires and the user clicks "Close" in the session
+expired popup dialog box, delete the cookie so the user can continue
+to use the website as an anonymous user.
+
+* issue 387 Use quoted printable strings in outgoing email
++
+Names or subjects with non-ASCII characters were not quoted properly
+in the email notification headers. Fixed.
+
+* daemon: Really allow httpd.listenUrl to end with /
++
+If httpd.listenUrl ended with / the configuration got botched during
+init and the site didn't work as expected. Fixed by correctly
+handling an optional trailing / in this variable.
+
+* Fix NoShell to flush the error before exiting
++
+Sometimes users missed the standard error message that indicated no
+shell was available, due to a thread race condition not always
+flushing the outgoing buffer. Fixed.
+
+* Dequote saved OpenID URLs
++
+Certain OpenID URLs were getting double quotes thrown around them
+after being saved in the last identity cookie on the client. The
+quotes were loading back into the dialog on a subsequent sign-in
+attempt, resulting in an error as double quotes aren't valid in an
+HTTP URL. Fixed by dropping the quotes if present.
+
+* issue 389 Catch bad commentlink patterns and report them
++
+A bad commentlink.match pattern could cause the change screen to
+simply not load, with no errors in the server log, and nothing
+immediately visible on the client. Most bad patterns are now caught
+during server startup and are reported in the server error_log.
+Certain failures are caught on the client side, and sent to the server
+error log over RPC. Bad patterns are simply skipped when logged.
+
+* issue 419 MySQL: Fix account\_group\_members\_audit removed\_on
++
+MySQL has a "feature" which prevented the removed_on column from being
+NULL when we meant for it to be NULL. Fixed by using the MySQL
+suggested work around, which is non-standard SQL.
+
+* Change "Publish Comments" to "Review"
++
+The term "Publish Comments" was used on two different buttons that
+performed two different actions. The first usage was to open the
+screen which shows the scoring buttons, provides the cover letter
+editor, and shows the in-line comments for final review before
+publication. The button that opens that review screen has been
+renamed "Review". The second usage of the button was to actually send
+out the notification emails, and expose the comments to others. This
+button is still called "Publish Comments".
+
+* issue 427 Adjust SocketUtilTest to be more likely to pass
++
+Some DNS environments, especially those based on OpenDNS, were failing
+this test case during a build because the upstream resolver was
+returning back a bogus record for an invalid domain name. The test
+was adjusted to use a name that is less likely to be resolved by a
+broken upstream resolver.
+
+* 424 Use JGit's LockFile to copy files during init
++
+init sometimes truncated the WAR file to 0 bytes if it was running
+from the destination WAR. Fixed by using JGit's LockFile class which
+writes to a temporary file and does an atomic rename to finish.
+
+* issue 438 Skip gitlink modes as we can't get a content difference
++
+The special gitlink mode inside of a tree points to a commit in the
+submodule project. We can't show the content of it inside of the
+supermodule.
+
+* Don't try to syntax highlight plain text
++
+Plain text files can't benefit from syntax highlighting, its actually
+more confusing than it is useful. Skip highlighting on them.
+
+* issue 251 Fix bad syntax highlighting
++
+Prior versions performed syntax highlighting on a per-line basis,
+resulting in confusing or bogus results in multi-line contexts like
+C/Java's "/\* ... \*/" style comment. Fixed by performing
+highlighting on the entire file contents, even if only some lines are
+displayed to met the user's context setting.
+
+* init: Only suggest downloading BouncyCastle on new installs
++
+Upgrades of an existing installation which has not installed the
+BouncyCastle library shouldn't be encouraged to download and install
+the library again. The administrator has already chosen not to use
+it, we shouldn't nag them about it.
+
+* issue 423 Bind to LDAP using only the end-user identity
++
+Microsoft Active Directory doesn't support anonymous binds, and some
+installations might not be able to create a generic role account for
+Gerrit Code Review. The new auth.type LDAP_BIND permits Gerrit to
+authenticate using only the end-user's credentials, avoiding the need
+for an anonymous or role account bind.
+
+* issue 423 Defer LDAP server type discovery until first authentication
++
+Microsoft Active Directory wasn't being detected, because the
+anonymous bind during server startup failed. Instead the server
+type is detected during the first user authentication, where we
+have a valid directory context to query over.
+
+* issue 314 Hide group type choice if LDAP is not enabled
+* Expand group names to be 255 characters
+* Update URL for GitHub's SSH key guide
+
+
+Schema Changes in Detail
+------------------------
+
+* Remove Project.Id and use only Project.NameKey
++
+The project_id column was dropped from the projects table, and all
+associated subtables, and only the name is now used to link records
+in the database. This simplifies the schema for eventual changes
+onto less-traditional storage systems.
+
+* Move sshUserName from Account to AccountExternalId
++
+The ssh\_user\_name column in accounts was moved to an additional row
+in account\_external\_ids, using external\_id prefix `username:`.
+This removes the non-primary key unique index from the table, making
+it easier to move to less traditional storage systems.
+
+* Replace all transactions with single row updates
++
+Schema update operations have been reworked to not require multi-row
+transaction support in the database. This makes it easier to port
+onto a distributed storage system where multi-row atomic updates
+aren't possible, or to run on MySQL MyISAM tables.
+
+
+Other Changes
+-------------
+* Update gwtorm to 1.1.4-SNAPSHOT
+* Add unique column ids to every column
+* Remove unused byName @SecondaryKey from ApprovalCategory
+* Remove @SecondaryKey from AccountGroup
+* documentation: Remove mention of mysql_nextval.sql script
+* Drop MySQL function nextval_project_id
+* documentation: Remove project_id from manual insert
+* Update JGit to 0.5.1.106-g10a3391
+* Split the core receive logic out of the SSH code
+* Move toProject into PageLinks for reuse
+* Correct SSH Username to be just Username
+* Don't display the magic username identity on the identities tab
+* Show Status column header on the SSH key table
+* Queue smart HTTP requests alongside SSH requests
+* Add a password field to the account identities
+* Authenticate /p/ HTTP and SSH access by password
+* Advertise the smart HTTP URLs to references
+* Refactor the SSH session state
+* Fixing Eclipse settings file
+* Merge "Fixing Eclipse settings file"
+* Add --commit to comment-added as there was previously no way to kno...
+* Fix imports inside of PatchScreen.java
+* Fix crash while loading project Access tab
+* Replace our own @Nullable with javax.annotation.Nullable.
+* Merge "Replace our own @Nullable with javax.annotation.Nullable."
+* Correctly hide delete button on inherited permissions
+* Allow per-branch OWN +1 to delegate branch ownership
+* Block inheritance by default on per-branch permissions.
+* Merge "Block inheritance by default on per-branch permissions."
+* Simplify FunctionState as discussed previously
+* Restore delete right checkboxes in wild card project
+* issue 393 Require branch deletion permission for pushes over HTTP
+* issue 399 Update JGit to 0.5.1.140-g660fd39
+* Merge "Add MaxNoBlock category for advisory review levels"
+* Add standard eclipse generated files to .gitignore
+* Merge "Add standard eclipse generated files to .gitignore"
+* Don't reformat the source if the files are identical
+* Fix schema 27 upgrade for H2
+* Update JGit to 0.5.1.141-g3eee606
+* Merge "Update JGit to 0.5.1.141-g3eee606"
+* Manage database connections directly in PatchScriptFactory
+* issue 425 Update user documentation to explain branch access control
+* Merge "Update user documentation to explain branch access control"
+* Update to gwtjsonrpc 1.2.2-SNAPSHOT
+* Merge "Update to gwtjsonrpc 1.2.2-SNAPSHOT"
+* Allow refs/* pattern on new reference rights
+* Trim reference name from user when adding access right
+* Execute Git commands with AccessPath.GIT
+* Update to GWT 2.0.1
+* Update to Ehcache 1.7.2
+* Update to mime-util 2.1.3
+* Update to H2 1.2.128
+* issue 442 Fix IncorrectObjectTypeException on initial commit
+* Compute allowed approval categories separately.
+* Move new change display to PostReceiveHook
+* Drop unused formatLanguage property from patch table
+* issue 447 documentation: Improve Apache mod_proxy configuration
+* issue 445 Fix whitespace errors with word diff enabled
+* issue 439 Move syntax highlighting back to client
+* Remove Mozilla Rhino from our build
+* Add missing step to add gwtui_dbg configuration
+* Remove useless imports from Schema_28
+* Fix upgrading H2 from schema 20 to current
+* Move release notes into the repository
+* issue 454 documentation: Improve bugzilla link example to include #
+* Drop unused err PrintWriter in Receive
+* documentation: Describe how to do case insensitive commentlink
+* Add patch releases to release notes
+* Update to gwtorm 1.1.4, gwtjsonrpc 1.2.2, gwtexpui 1.2.1
+* Update to GWT 2.0.2
+* documentation: Remove stupid ReleaseNotes build rules
+* documentation: Use a per-version directory
+
+6df5ea1a3db71d300142099bbe5182507437ab55
diff --git a/ReleaseNotes/index.txt b/ReleaseNotes/index.txt
index d680e68..4cd91ae 100644
--- a/ReleaseNotes/index.txt
+++ b/ReleaseNotes/index.txt
@@ -4,6 +4,7 @@
[[2_1]]
Version 2.1.x
-------------
+* link:ReleaseNotes-2.1.2.html[2.1.2]
* link:ReleaseNotes-2.1.1.html[2.1.1],
link:ReleaseNotes-2.1.1.html[2.1.1.1]
* link:ReleaseNotes-2.1.html[2.1]
