Download: 2.16.2 | 2.16.1 | 2.16
Documentation: 2.16.2 | 2.16.1 | 2.16
GWT UI is deprecated, and PolyGerrit is now the default UI.
Experimental Dark Mode in PolyGerrit.
Inline editing support in PolyGerrit UI.
Redesigned UI for PolyGerrit based on material design.
New configuration option to ignore self-approval on labels.
New CommonMark/Markdown parser.
When a gerrit site older than 2.15 is migrated to 2.16, then schema migration should be first performed to the latest 2.15 release.
To upgrade to 2.15 latest release:
java -jar gerrit-2.15.latest.war init -d ${site_path}
Since 2.14.2 the plugins are loaded before online reindexing is started, so that prolog rules provided by plugins can be invoked during indexing. See issue 6472 for details.
This causes a problem for any plugins that access the index either directly or indirectly (i.e. by accessing a cache), because the index is not yet available when the plugin is loaded during server startup. An example of this is in the replication plugin, which needs to use the group cache when authGroup is used in a destination configuration.
A fix issue 10082 is available since 2.16.3 release.
NoteDb is now required for accounts (since 2.15) and groups (since 2.16), and is the preferred storage for changes.
In Gerrit 2.15:
In Gerrit 2.16:
gerrit.war init).When upgrading to Gerrit v2.16, you are strongly advised to migrate fully (including changes) from ReviewDb to NoteDb.
You should review the documentation on NoteDb, including the information about the migration process:
Although ReviewDb is still technically available on Gerrit v2.16, the upgrade to NoteDb is strongly recommended, although not enforced.
Note that in the next version of Gerrit (v3.0), ReviewDb will not be available.
This release contains schema changes. To upgrade:
java -jar gerrit.war init -d ${site_path}
Gerrit 2.16 introduces a new secondary index for projects. The initial version of this index must be created by running the offline reindex before starting Gerrit:
java -jar gerrit.war reindex --index projects -d ${site_path}
The group index gained two new fields, which Gerrit 2.16 depends on. For this reason, the following command to offline reindex the group index must be executed as well:
java -jar gerrit.war reindex --index groups -d ${site_path}
The offline reindex for groups should also be run on Gerrit slave hosts.
Note that if you are migrating from v2.15, it is not necessary to reindex the changes and accounts indexes offline. These will automatically be reindexed by the online reindexer after starting Gerrit.
From 2.16 GWT UI is deprecated and will be removed in a future version.
In version 2.14 support for Soy templates was added. For backwards compatibility, support for Velocity templates (VTL) was kept.
In version 2.16 support for VTL is completely removed. Site administrators must replace any Velocity templates (.vm files in $site/etc/mail/) with the equivalent Soy templates before upgrading to this version.
The possibility to push to refs/changes is now disabled by default. It is still possible to enable it in the gerrit config by setting receive.allowPushToRefsChanges to true.
Some proxies, which are not under client control, prohibit DELETE requests with bodies. DELETE requests with bodies could work on a first attempt, but could fail afterwards because a server they have no control over was updated. In this case, client users could be in trouble if they were not notified.
Therefore, we have decided to no longer recommend sending DELETE requests with bodies. They will continue to work in this release but should be considered as deprecated and will be removed in the next release.
flexmark-java is a Java implementation of CommonMark 0.28 spec parser using the blocks first, inlines after Markdown parsing architecture.
Its strengths are speed, flexibility, Markdown source element based AST with details of the source position down to individual characters of lexemes that make up the element and extensibility, compared to Pegdown speed that was, in general, less than ideal and for pathological input either hangs or practically hangs during parsing.
This table was used to retrieve the site_path directory in unattended setup mode. As a replacement, system property gerrit.site_path should be used.
The Gerrit hook script for adding the Change-Id in every local commit has been simplified and is now using the git-interpret-trailers command. The interpret trailers command is available as of git v2.2.0, released Dec 2014.
Existing cloned repositories that have been cloned before the migration to v2.16 and thus having the old hook for generating the Change-Id will continue to work. However, new clones and hook scripts will need to upgrade your local git client to v2.2.0 or later.
If you have existing older git clients and cannot migrate to v2.2.0 or later, you need to keep serving the old script, copying it to the Gerrit /static directory, and then amend the Gerrit helper instructions to download it.
Example (assuming Gerrit installed on $GERRIT_SITE and available at https://gerrit.mycompany.com):
$ curl 'https://gerrit.googlesource.com/gerrit/+/stable-2.15/gerrit-server/src/main/resources/com/google/gerrit/server/tools/root/hooks/commit-msg?format=TEXT' > $GERRIT_SITE/static/commit-msg
$ git config -f $GERRIT_SITE/etc/gerrit.config gerrit.installCommitMsgHookCommand 'gitdir=$(git rev-parse --git-dir); curl -o ${gitdir}/hooks/commit-msg https://gerrit.mycompany.com/static/commit-msg ; chmod +x ${gitdir}/hooks/commit-msg'
The new ‘Read As’ capability allows users to impersonate any user to see which refs they can see.
Note: the capability was added in 2.16 but only documented since 2.16.1.
Issue 4437 inline edit is fully implemented using the CodeMirror Editor plugin.
A new core plugin, codemirror-editor, is available, which uses CodeMirror to provide a rich code editing experience in PolyGerrit.
When you upgrade Gerrit using init -d, you are given the option to install the codemirror-editor plugin.
For logging Gerrit is now using Flogger instead of SLF4J. The logging backend is still LOG4J.
The Flogger LOG4J backend is configured by a system property (flogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance) that must be set for logging to work. There is an init step that automatically sets this system property in the gerrit.config file and in addition Gerrit tries to set this system property automatically on startup if it isn't set yet. However for some setups you may need to do additional actions to make sure that this system property is set.
In addition there is a system property that needs to be set for request tracing (flogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance). Also this system property is automatically set in the gerrit.config file by an init step and in addition Gerrit tries to set this system property automatically on startup if it isn't set yet. However for some setups you may need to do additional actions to make sure that this system property is set.
SLF4J can still be used by plugins, but using SLF4J in plugins is deprecated and with the next Gerrit release SLF4J will no longer be exported as part of the Gerrit plugin API jar. This means from the next release onwards, plugins must either migrate to Flogger or have an own dependency on SLF4J.
There are several new REST endpoints and additions to existing endpoints, as described in the REST API documentation.
See below an overview of the noteworthy changes.
ProjectAccessInfo has a new field configWebLinks containing a list of URLs that display the history of the configuration file governing this project’s access rights.Query accounts requires the Modify Account permission to return the all the emails associated with the account.
New endpoint /drafts.delete to remove the drafts comments associated with an account.
New endpoints to lists, get and delete the messages /messages of a change including the detailed account information associated.
New endpoint /cherrypick to cherry-pick a specific commit.
New endpoint /server/reload to reload Gerrit configuration.
New endpoint /server/preferences.edit to retrieve and update the global edit preferences for the server.
?ownedBy to find groups that are owned by another groupNew option ?state to get all projects with the given state.
New option ?query for querying projects limited to a maximum of ?limit entries.
New endpoint /description for updating and deleting the project's description.
Check project access endpoint is now a GET API while the POST is still supported by deprecated.
New endpoint to index a project /index and all the changes /index.changes associated to it.
New endpoint /check to check project's consistency.
/files to list files associated with a commit.If a request is traced the unique trace ID is attached to all logs that are triggered by the request. In addition all logs are enforced regardless of the configured log level. Given the trace ID an administrator can find the trace in the error log and debug issues more easily.
Detailed information about request tracing can be found in the request tracing documentation.
A new option for Review Labels, label.Label-Name.ignoreSelfApproval, is available.
If true, the label may be voted on by the uploader of the latest patch set, but their approval does not make a change submittable. Instead, a non-uploader who has the right to vote has to approve the change.
It defaults to false, but one possible use case is to set the value to true for the Code-Review label in the All-Projects project. That value will then be inherited by all projects that do not override the Code-Review label settings.
Update args4j to 2.33
Update Brics Automaton to 1.12-1
Update BouncyCastle to 1.60
Update commons-compress to 1.15
Update commons-lang3 and commons-net to 3.6
Update Dropwizard metrics-core to 3.2.5
Update Elasticsearch to 6.4.3 (Updated to 6.5.4 in 2.16.3)
Add dependency to flexmark-java 0.34.18
Flexmark is a CommonMark/Markdown parser for java.
Add dependency to flogger 0.3.1
Flogger is a fluent logging API for Java and Gerrit is using Flogger instead of SLF4J now.
Update greenmail to 1.5.5
Update gson to 2.8.5
Update guice-* to 4.2.1
Update JGit to 5.1.3.201810200350-r (Updated to 5.1.5.201812261915-r in 2.16.3)
Update Lucene to 6.6.5
Update mime4j to 0.8.1
Update OpenID4Java to 1.0.0
Update Ow2.asm to 6.2.1
Update javax.mail to 1.6.0
Update Jetty to 9.4.12.v20180830
Update protobuf-java to 3.4.0
Update soy to 2018-03-14
Update SSHD to 2.0.0 and Mina to 2.0.17
Update tomcat-servlet-api to 8.5.23
Update tukaani-xz to 1.6
Remove dependency on Velocity
Remove dependency on joda-time and joda-convert
NOTE: joda-* dependencies are no longer exported in the Gerrit plugin API. Existing plugins that still rely on them need to be amended to include the explicit dependency on joda-* libraries.
ChangeInfo and RevisionInfo: Update copy methods to copy fields that have been added recently
Support allow_conflicts option in cherry-pick input on CherryPickInput
Have common class for entries in DynamicMap/DynamicSet/DynamicItem
New API for deleting draft comments of a user in AccountApi
New annotation RemoveAfter for documenting features in Gerrit that can be deprecated
DynamicSet returns Iterable for entries instead of Iterator
Support for deleting change message via REST API in ChangeMessageApi
New common interface for all REST views on collections, RestCollectionModifyView, removing duplicate code in the RestApiServlet. Rest{Create,DeleteMissing}View are renamed to RestCollection{Create,DeleteMissing}View. See the relevant change for more details.
Support binding a RestView to delete a missing resource through a brand-new DeleteViewBinder. See the relevant change for more details
New Api and REST endpoint to reindex a project on ProjectApi.
New RestCollection{Create,Delete,Modify}View that can be bound for POST and DELETE requests on collections via RestApiModule. The AcceptPost interface is not available anymore and existing code making use of it needs to be adapted to use the RestCollectionView.
Support getting account details in AccountApi.
New API and REST endpoint for accessing change messages in ChangeApi.
Add extension API for emails and support setting an email as preferred in AccountApi and EmailApi.
Add API and REST endpoints to get/set default edit preferences in Server.
Allow to filter list by project state in Projects.
Issue 10262: Upgrade JGit to 5.1.5.201812261915-r to fix validation of wants in git-upload-pack for protocol v0 bidirectional transports.
AdvertiseRefsHook was not called for git-upload-pack in protocol v0 bidirectional transports, meaning that wants were not validated and a user could fetch anything that is pointed to by any ref (using fetch-by-sha1), as long as they could guess the object name.
Issue 10242: Fix regression that allows a user's account to be taken over when multiple authentication providers are in use.
A regression introduced in 2.14.7 allowed a user's account to be taken over by creating an account on a different provider with exactly the same username as the existing Gerrit account.
Issue 10082: Decouple online reindex activation from index module.
Plugins were not loaded before online indexing was triggered, resulting in plugin-contributed submit rules not being evaluated during indexing.
Online reindex activation is now decoupled from the index module and thus postpones the triggering of online reindexing until after loading of the plugins.
Evict group caches on group creation.
If a group was created after a previous cache miss for its name, Id, or UUID, the cache also did not return the group if it is called immediately after the group was created.
Issue 10240: Fix internal server error when cloning a repository from Gerrit slave.
Improve error handling if comment note is too large during schema migration.
During migration to schema 169, comments in NoteDb are migrated to json. If loading the blob for a comment note failed due to being too large (in excess of a hard-coded 25MB limit), the migration would fail.
The hard-coded limit is now removed. It is still possible that the migration can fail if the blob is excessively large, but the logging of such a failure is improved so that the change that failed can be tracked down.
Issue 4278: Fix wrong code snippet in email notifications.
Issue 9410: Add the GWT hash separator to the GWT url.
Merge top menu items contributed by plugins.
Each plugin contributes a list single of menus, which are expected to be merged in existing top menu entries if they already exist. This was implemented in the GWT UI, but not in PolyGerrit.
Issue 10267: Add support for several more MIME types in syntax highlighting.
Support is added for: powershell, xquery, cmake, coffeescript, crystal, diff, django, dockerfile, ebnf, elm, erlang, fortran, groovy, haml, haxe, ini, julia, latex, less, mathematica, nginx, nsis, postgresql, q, scss, scheme, excel, tcl, twig, vb, vbscript.
Upgrade jackson-core to 2.9.8.
Version 2.9.8 includes several bug fixes, including security fixes.
Upgrade elasticsearch-rest-client to 6.5.4.
Issue 10263: Include edit ref in EditInfo element returned by the edit API.
It was not possible for users of the Java API to get the edit ref.
Export the project indexer in the plugin API.
Add a new method on the account API to set the account name.
Add new methods on the project API to get/set the project's HEAD.
Add a new method on the commit API to get “included in” information.
SECURITY Issue 10201: Remove support for Git protocol v2, because of a security vulnerability discovered
The JGit implementation of protocol V2 does not invoke the advertiseRefsHook on fetch and ls-refs, which results in all refs being sent, regardless of the configured ACLs.
Issue 9024: Fix setting PRIVATE and WIP for updated changes in console report.
In some cases the private and work-in-progress status indicator for changes updated by push was shown incorrectly.
Fix case-insensitive searching of hashtags.
Issue 10106: Fix incorrect json in the example for the ‘Set Access’ REST endpoint.
Issue 10112: Upgrade rules_closure to make Gerrit buildable with the latest Bazel version.
Issue 9781: Fix full ACL evaluation for LDAP groups.
The LDAP groups have been historically filtered by relevance to the Gerrit ACLs. However, that optimization has the side effect of blocking users to access legitimate projects if they are temporarily not cached in memory. Allow to disable the LDAP filtering optimization for having always a 100% consistent ACL evaluation, regardless of the project's cache status.
Upgrade elasticsearch-rest-client to 6.5.3.
Discontinue support for Elasticsearch 2.4.
Add preliminary support for Elasticsearch 7.
Support for Elasticsearch 7 is added, and tested against the alpha1 release.
Add a new method on the account API to set the account name.
Issue 10018: Fix failure to upgrade schema when migrating from 2.13.
Issue 10038: Add support for Elasticsearch 6.5.1.
Issue 10052: Fix invalid requests to Elasticsearch.
Issue 10021: Security - Disallow create project to execute arbitrary code on the client by quoting and encoding project names.
Issue 10106: Documentaiton - REST API for updating project rights amended with correct payload.
Issue 10143: Fix internal server error when running the kill command.
Issue 9768: Explicitly set the number of shards and replicas for Elasticsearch, and allow them to be configured.
From Elasticsearch version 7 the default number of shards per node will be changed from 5 to 1.
The number of shards and number of replicas are now explicitly set when creating the index.
The new settings elasticsearch.numberOfShards and elasticsearch.numberOfReplicas allow the values to be configured. The default values are 5 and 1, respectively, which is the same as the default values used by Elasticsearch prior to version 7.
Discontinue support for Elasticsearch 2.4.
Add preliminary support for Elasticsearch 7.
Support for Elasticsearch 7 is added, and tested against the alpha1 release.
Fix internal server error when listing reviewers of a change with reviewers by email.
Reviewers by email don't have an account ID but formatting reviewers as JSON tried to get account IDs of all reviewers. This failed when the change had any reviewers by email.
Do not create index on account_group_members table in postgres database.
The account_group_members table was deleted, but the postgres setup still tried to create an index on it, which prevented a new site from starting up.
Don't serve Polygerrit UI when running in headless mode.
Don't serve static resources when running in slave mode.
Fix assignee's status on the change screen.
The assignee field‘s status showed the change owner’s status text.
Add missing documentation of the ‘Read As’ capability.
Change-Id: I3752456 Use dynamic binding for UrlFormatter.
The UrlFormatter interface had a fixed binding to its default implementation, which meant it was not possible for plugins to provide a different implementation but were merely injecting it when needed
It is now possible to replace the default implementation using a DynamicItem which requires a change in how it is injected and used in plugins.