Download: 3.8.3 | 3.8.2 | 3.8.1 | 3.8.0
Documentation: 3.8.3 | 3.8.2 | 3.8.1 | 3.8.0
Rebasing a change from the web UI preserves the uploader for trivial rebases.
This has the advantage that the rebaser is not taking over the change, which is important when the project is configured to ignore self-approvals of the uploader, as this allows the reviewer to approve and submit the change, after doing a rebase.
Allow to atomically rebase a chain of changes.
If the chain is outdated, i.e., there‘s a change that depends on an old revision of its parent, the result is the same as individually rebasing all outdated changes on top of their parent’s latest revision.
Users can be notified about their attention set in browser. The notifications work only when Gerrit is open in one of the browser tabs. When users open Gerrit, they will be asked by a popup to allow desktop notifications on their browser to see them. If users deny notifications on all sites, there won’t be a popup. But they can change it in browser settings. The latency to get the notification is up to 5 minutes.
Automatic notifications are enabled by default, but users can turn them off in the Gerrit user preferences.
See the documentation for more details.
This feature can be enabled in gerrit.config
by adding this configuration:
[experiments] enabled = UiFeature__push_notifications
Users can create a change and open a file for edit in that change using an Edit URL. This enables other tools to provide a URL that directly opens an edit of specific files.
See the documentation for more details.
This release doesn't contain schema changes.
The changes
index version has been increased to version 82.
By default, if you're upgrading from 3.7, the index is automatically rebuilt upon Gerrit startup after the upgrade.
If you're upgrading from 3.6 or an earlier version, you must use the Offline upgrade steps below.
java -jar gerrit.war init -d site_path --batch
If you are upgrading from a 3.7 version you don't need to run reindex (see Online index schema upgrade from 3.7
above). If you still want to you will only need to run reindex of changes
:
java -jar gerrit.war reindex --index changes -d site_path
If you are upgrading from a 3.6 version, or an earlier version, you must run a reindex of all indexes:
java -jar gerrit.war reindex -d site_path
See the reindex program for other options.
Gerrit v3.8.x supports zero-downtime upgrade from Gerrit v3.7.2 or later when configured using a high-availability configuration, and the Git repositories are stored in a shared filesystem such as NFS or similar.
During the zero-downtime upgrade, Gerrit end-users would not notice any outage or service disruption. They will be able to perform any read/write Gerrit operation on the GUI or using any API.
The zero-downtime upgrade consists of the following steps:
gerrit.experimentalRollingUpgrade
to true
in gerrit.config
on both Gerrit primaries.gerrit.experimentalRollingUpgrade
from gerrit.config
on both Gerrit primaries.Downgrade to any Gerrit v3.7.x release is possible, but requires the following manual steps:
java -jar gerrit.war init -d site_path --batch java -jar gerrit.war reindex --index changes -d site_path
GerritForge RPM repository updated for arm64 architecture
GerritForge RPM v1.4 has been released, including the native packages for arm64 architecture.
DockerHub images for arm64|amd64 architectures
gerrit:3.8.0-almalinux8 OS base image upgraded to AlmaLinux 9.1
gerrit:3.8.0-ubuntu22 OS base image upgraded to Ubuntu 22
The issues of the Gerrit Code Review project have been migrated from Monorail into the new Gerrit Tracker, see announcement at: https://groups.google.com/g/repo-discuss/c/F4havFh_Bvw/m/D5MsV17yAgAJ
If the gerrit.reportBugUrl setting on your Gerrit server is pointing to the Gerrit Monorail project, which is deprecated now, please update the URL to point to the new Gerrit Tracker, e.g. change https://bugs.chromium.org/p/gerrit/issues/entry?template=Bug+Report to https://issues.gerritcodereview.com/issues/new.
Issue 309098227 Change 360646: The introducion a per request ref cache for better performance may break the repository consistency
The addition of a new core.usePerRequestRefCache
setting, true by default, introduced a per request (currently per request thread) ref cache, helping reduce the overhead of checking if the packed-refs file was outdated. However, in some scenarios, such as multi-site or concurrency between git-receive-pack
and git-gc
, it may lead to split-brain inconsistencies and, in the worst-case scenario, to the corruption of the underlying repository.
Issue 40015537: Gerrit does not render properly the modal dialogs on Safari 15.3, Chrome 36, Edge 78, and Firefox 97 or earlier.
Gerrit frontend uses the HTMLDialogElement.showModal function, which is not working properly on old browsers.
Change 365595: WebLinkInfo: Drop deprecated constructor
Custom UI plugins that are explicitly using WebLinkInfo
are affected by this and might need adapting.
Change 360756: Disallow uploading new prolog rules files.
Clients should use submit-requirements instead. Please note that modifications and deletions of existing rules.pl files are still allowed.
Change 360054: Allow callers to format create change response
Add ListChangeOptions
to ChangeInput
and ApplyPatchPatchSetInput
such that callers can control what fields should be formatted in the returned ChangeInfo. For ApplyPatch, this commit changes the default formatting options from CURRENT_COMMIT
to no-options
.
Change 360219: Delete vote now fails for an already deleted vote
An e-mail was sent each time when a vote was executed, even if the label had been already set to 0 and thus no actual changes were made.
This fix can break some scenarios, where the caller expects that DeleteVoteOp will always succeed after the label was added at least once. This should be fixed on the caller side.
Change 358975: Skip account visibility checks when querying changes
Skipping the account visibility check when querying changes of users participating in the change (the change owner, reviewers, CCs etc.). This affects several search predicates: owner
/ uploader
/ label
user
/ reviewer
/ attention
/ commentby
Change 358954: Check permissions when resolving accounts by secondary emails
fixed an issue that allowed users to resolve secondary emails, although they should not have been able to see them.
Change 358114: removed automatic linkification of URLs that do not start with http://
or https://
.
Change 357298: Removed Assignee functionality in Gerrit.
‘Assignee’ functionality has been superseded by ‘Attention Set’. The functionality has no Web UI support anymore.
Change 357276: Removed option to disable Attention Set
No longer support the option of disabling the Attention Set.
Change 356941: Do not set real_author
in ChangeMessageInfo if author
== real_author
It‘s not needed to return the author twice if the change message was not impersonated. Documentation already stated this, but clients should double check they don’t rely on real_author
always being returned.
Change 354916: Remove registerStyleModule() plugin API
Use plugin.styleApi().insertCSSRule()
instead.
Change 351814: Remove notify()
from AnnotationPluginApi
Change 351515: Remove html commentlink functionality.
Html commentlinks allow for arbitrary html injection on the page. Replaced them with link commentlinks, using optional prefix
, suffix
, text
parameters to achieve the same functionality. Existing configs can be migrated using scripts in tools/migration/html_to_link_commentlink.md
download-commands:
git rev-parse
to find hooks-dirreviewnotes:
webhooks:
codemirror-editor:
gitiles:
replication:
Change 353294: Provide an option to skip replication of NoteDb meta refs
Replicating NoteDb meta refs is not needed when the remote does not run a Gerrit instance. This can be now disabled via remote.<NAME>.replicateNoteDbMetaRefs
Change 360646: Introduce a per request ref cache for better performance
Add a new core.usePerRequestRefCache
setting. If the setting is true, use a per request (currently per request thread) ref cache. This helps reduce the overhead of checking if the packed-refs file is outdated. This setting is true by default.
Change 365144: Destination queries now use the change index
destination
predicate now matches any number of branch names with O(1) efficiency.
Issue 16072: Fix “showchange” plugin event being triggered twice on patchset change
Change 363074: Performance optimization for cold-cache groups
Change 370995: Add comments chips to patchset select
Change 361574: Add darkMode param to gr-editor-view extension point
Change 358179: Add a new endpoint for a profile page
The goal of this endpoint is to show a new page that‘s the contributions’ page of a user.
Change 360134: Fix “Old Patchset” being displayed on current edits
Change 359814: User can rebase whole chain from UI.
Issue 16545: Fix issue where using in-line editor to add new files / edit existing files didn't show the changes in file list
Change 349422: Privacy information on settings page
Change 354154: Enter key selects emoji after ‘:’ is typed
The previous behavior was that enter wouldn't select emojis until more characters were typed after ‘:’.
Change 352682: Matching atoms in copy conditions that are posted as change messages are highlighted in bold now.
When a new patch set is created and approvals are copied to the new patch set, Gerrit posts a change message to inform about the copied and outdated votes together with the corresponding copy condition. Passing and failing atoms in the copy condition are now highlighted in bold.
Change 351934 Comments tab respects special file sorting cases like .h
Change 348877: Show account hovercard preview on settings page
Account preview can be displayed in-flow without requiring hovering
Change 348794: Account chip preview on settings page
This lets the user see how they will appear to others and what data will be public.
Change 348536: Removed all hardcoded gr-icons.
All core plugins have been migrated to using Material-based gr-icon which no longer need these hardcoded SVGs.
Change 353058 Add a route and a dialog for creating a change directly from the URL.
Change 361696: Remove prolog rules doc page mention from the index page
users should use submit-requirements instead of prolog rules
Change 348538: Improve Polygerrit README
Change 340255: Add a shortcut to Developer Setup
Change 345774: Upgraded bouncycastle to 1.72
Change 355597: Upgraded commons-codec to 1.15
Change 355294: Upgraded jsoup to 1.14.3
Change 335738: Upgrade sshd version to 2.9.2 and mina-core to 2.0.23
Change 312716: Update Jetty to 9.4.49.v20220914
Change 367654 Fixed rebasing chain when a checks refs exists for one of the changes
Fixed a NPE that might have been thrown when rebasing on changes for which a checks
ref exists.
Change 366334 Added ‘a’ as alias for the ‘author’ search operator
This follows the example of other aliases, e.g. ‘o’ for ‘owner’ or ‘r’ for ' reviewer'.
Change 365901 Added global capability that allows to view secondary emails
If users have multiple emails only the preferred email is visible to other users. Now, with the new View Secondary Emails
global capability it's possible to allow viewing all emails.
Change 361460 Allow editing commit message from Change-Id: to Link: footer
This allows to edit the commit message by replacing a valid ‘Change-Id:’ footer for a valid ‘Link:’ footer.
Change 350455: Enables transition from LDAP to Google OAuth
When transitions to Google OAuth from LDAP, if the account exists with the same e-mail then the account ID is reused. This allows to have the same user history post migration.
Change 359974: Fixed calculation of insertions and change buckets for change emails
When computing change email, the number of files, insertions and deletions didn't count the commit message for number of files, but for insertions the lines from the commit message were counted, which was inconsistent.
Change 358115: Allow for plugin data directory to be symlinked
Change 357648: Don't add owner to attention set on merged change if bot re-applies a negative vote
Bots can no longer re-apply negative votes on merged change, leading to an unwanted attention set update.
Change 357477: Added a new ‘uploaderemail:’ operator for Submit Requirements
returns true if the uploader's email matches a specific regular expression pattern.
Change 357474: Added a new ‘committeremail:’ operator for Submit Requirements
returns true if the change committer's email matches a specific regular expression pattern.
Change 357460: Fixed ownerin/uploaderin
for internal groups that include external groups
Fixed an issue where the ownerin
and uploaderin
predicates were not matching correctly for internal groups that include external groups.
Change 350034: The commit-msg hook respects the scissors marker for the empty message detection.
When “git commit --cleanup=scissors” the commit-msg hook couldn't detect if the commit message is empty properly.
Change 357278: Fixed parsing of URL parameters that contain a ‘%’ that is not part of an encoded character
Without this fix users could trigger 500 internal server errors in Gerrit by providing invalid strings for URL parameters.
Change 356762: Added support for rebasing on behalf of the uploader
Rebasing a change on behalf of the uploader means that the uploader stays intact when the reviewer rebases the change.
Change 356354: Added project permission for removing votes/labels
For every configured label My-Name
in the project, there is a corresponding permission removeLabel-My-Name
with a range corresponding to the defined values. For these values, the users are permitted to remove other users' votes from a change.
Change 356260: Fixed overriding impersonated votes
Fix an issue where overriding an impersonated vote for a user A (real user B) only worked if the voting values were different. If the voting value was the same Gerrit wrongly assumed that the voting was a no-op.
Change 355574: Added support to remove a non-visible account as a reviewer through the PostReview REST endpoint
Fix an issue where, if a visible change had a reviewer whose account was not visible, this account could be seen on the change, but the reviewer could not be removed.
Change 351075: Added a REST API to rebase a chain of changes
A new API POST /changes/{change-id}/rebase:chain
now allows to rebase an ancestry chain of changes.
Change 355116: Added prefixsubject
index field (requires index upgrade)
Similarly to prefixhashtag
and prefixtopic
it is not possible to search changes by subject prefix (e.g. a bug ID in square brackets).
Change 354294: Custom git gc-preserve command which can preserve packs for JGit
Implemented a custom git command “git-gc-preserve” preserving old packs to prevent races between git gc running on a large repository concurrently to fetch/clone requests.
Change 354037: Added subject
index field (requires index upgrade)
Allow to query changes by subject.
Change 353674: Invalid label ranges for permissions are rejected when pushing a project.config file
Attempting to add permissions with a range where min
is greater than max
, where min
is present but max
is missing or vice-versa throws an IllegalArgumentException
.
Change 353635: Set Access REST endpoint rejects invalid label ranges
Change 353655: Do not add a duplicated project.config entry if a duplicate input is added.
When the same request was made to the ‘Set Access’ project rest endpoint, it resulted in adding a duplicated line in the project.config.
Change 353287: Votes that are copied to follow-up patch sets when a vote on an outdated patch set is applied are now posted as a change message.
When votes were copied to follow-up patch sets they were applied in NoteDb, but users were not informed about them. Now a change message is posted to inform that the vote was copied forward.
Change 352055: Reject invalid base on push with proper error message instead of failing with an internal server error
Change 352034: Fix GetRelated if multiple changes for the same commit exist
Change 351534: Fix the issue that 404 page is shown after login
After logging in using the “Sign in with a Launchpad ID” link Gerrit used to display a “not found” page.
Change 351614: Do not require trailing slash for requests on root collections
Often users are confused why ‘GET /changes/’ works, but ‘GET /changes’ doesn't. Both are now allowed.
Change 347719: Suppressing emails on submit is disallowed now if there is a post approval diff
Fixes a security issue where a malicious user could submit code changes without anyone ever seeing them. If a change is submitted and a post approval diff exists, no matter which notify setting the caller specified, Notify=ALL is used.
Change 351114: Add support for enabling Strict Dynamic CSP on Documentation pages.
Change 349175: Disallow ‘cansee’ account search operator with private changes
This operator used to fail for private changes if the change owner requested cansee:<private_change>
. Now, if the caller of the query is the owner or one of the reviewers/ccs of the change, the query returns account data for it.
Change 349216: Add a has:submodule-updates
operator for submit requirements
Returns true if the diff of the latest patchset against the default base has a submodule modified file
Change 347936: Reject uploading project config changes if they contain duplicate submit requirement definitions.
Prevent project owners and admins from accidentally adding multiple definitions for the same submit requirement name.
Change 246234: The WorkQueue now uses new STARTING and STOPPING states while a listener's onStart() and onStop() methods are called.
Change 346954: Log progress for online-reindexing of changes
When performing online reindexing, from the log file we could only observe when it starts and when it ends. With this change we log the progress once per minute.
Change 340061: Add old/new file modes to the ‘List Files’ diff endpoint
if a file is modified with a change to the file mode only, now the file will be listed as modified.
Change 245614: Added a WorkQueue.TaskListener extension for plugins
This extension point makes it possible for plugins to define and implement WorkQueue QOS policies.
Breaking Changes
Change 383334: refreshAfterWrite
and maxAge
settings in gerrit config are now honored for both persistent and in-memory caches.
Previously these settings were erroneously ignored for persistent caches. If you rely on them for persistent caches you should be aware they will be honoured now.
New Features
Change 383334: Allow to set gerrit.instanceID from java system property
In environments where Gerrit is scaled automatically and which use the same static configuration for all instances, e.g. in Kubernetes, setting instance specific configuration in the config file is a cumbersome process. Instance ID can also be set using the gerrit.instanceId
Java system property, which will override the instance ID in gerrit.config
.
Change 377699: Allow generating safe local-only documentation, without reference to external fonts in CSS
Change 390658: Allow disable Prolog rules evaluation on closed changes
Change 390614: Allow uploading changes to group refs except changes to group files
Change 389055: Allow operator aliases to be used in submit requirement expressions
Change 386974: SSH set-reviewers cmd now handles lock failures with retries
Performance Fixes
Change 376094: Introduce new cache changes_by_project
to speedup git ref advertisements on replica and git-receive-pack on primary
Change 377814: Skip building bloom filters by default speeding up offline reindex
Security Fixes
Bug Fixes
Change 394435: Support listing of patch-set files also for imported changes from other Gerrit servers-ids
Issue 301481564: Fix the repository configuration screen remainign stale when switching tabs
Issue 304335624: Fix the changing preferred email resulting in duplicate emails set in cache
Change 388054: Eliminated startup warning for plugins whose SshModule only provides Ssh*CommandInterceptors
Change 387217: Fixed case where an exception in change visibility checking could break visibility of all refs in that repo
Change 387055: Fix SSH set-topic cmd to consider ‘editTopicName’ permission
Issue 291102119 Avoid NullPointerException when deleting a single ref
Change 387216: Fixed potential OOM due to SubmitRuleEvaluator creating new metrics whenever an instance was created
Change 387214: Fixed potential OOM due to DefaultRefFilter creating new metrics whenever an instance was created
Change 386976: Fixed potential OOM due to *QueryProcessor classes creating new metrics whenever an instance was provided
Issue 300976121: Fix NPE when auth.httpDisplaynameHeader
is configured but header is unset
Change 387054: Fix force topic edit
permission to consider change owner rule
Change 386994: Fixed InactiveAccountDisconnector NPE due to race condition
Issue 295457464: Fixed SSH query not returning copied approvals on per patchset level
Documentation Fixes
Change 391858: Document ChecksApi.updateResult()
in PolyGerrit plugins checks API
Change 391696: Document check-result-expanded
plugin endpoint in PolyGerrit plugins checks API
Change 388936: Explain in ls-projects SSH API when the “parent” field is “?-N”
Change 388530: Explain in /projects/ REST API when the “parent” field is “?-N”
Replication Plugin Updates
Change 384754: Avoid opportunity to inadvertently block the distributor
Change 383694: Reduced log level for Task deletion errors in MP setups
Dependency Updates
Native Packaging
canonicalWebUrl
in Docker containersNew Features
Bug Fixes
Change 380154: Documentation: NOTE on use of sshkeys, and *projects cache on clusters
When using the sshkeys, and *projects caches on a cluster, warn the Gerrit admin he should be aware of those caches to be potentially stale. The problem can be minimised by either disabling them altogether or setting a low value of refreshAfterWrite.
Change 384214: Align Jetty session timeout with Gerrit web_sessions maxAge
Do not leave Jetty having sessions kept forever but expire them with the same timeout of Gerrit sessions.
Verified E2E that the Jetty sessions expires with the same timeout of the web_sessions maxAge value.
Issue 290225204: loginUrl and loginText are hardcoded in the UI
Gerrit UI ignored the settings in the auth section of the configuration 1.
In particular auth.loginUrl 2 should be used if present and auth.type is set to HTTP or HTTP_LDAP. Also auth.loginText 3 should be used if auth.loginUrl is set.
This change backports change 381534 to stable-3.6. We didn't cherry-pick because the code changes significantly and had many conflicts.
Issue 291102119: Avoid NullPointerException when deleting multiple tags
To avoid NPE make sure that ref is not read again after checking if ref exists. This prevent the issue when other call already removed the tag and we try to read it. Proper behaviour is to try to delete it and return Cannot delete refs/tags/...: LOCK_FAILURE
if tag is already deleted.
Issue 289505276: Fix for: change can't be submitted if another branch contains exactly the same commit.
Change 380694: Hide Move Change from UI if change.move is set to false
Issue 290641654: Fix bug in API ‘/projects/*/access:review’ ignoring ‘message’ field
Fix API endpoint ‘CreateAccessChange’ ‘/projects/*/access:review’ not hounouring ‘message’ field provided via ‘ProjectAccessInput’ object despite setting it. Add condition to check if message is provided then use it instead of default ‘Review access change’
Issue 298846017: Fix admin links that contain the base URL twice
Fix Gerrit Context paths becoming doubled in Admin View navigation links.
Plugin Updates
Change 383360: Update webhooks plugin to 1dc0a71883
This includes the following changes: 1dc0a71 Add HTTP response code ‘SC_ACCEPTED’ (202) as success case in response handler 16110f3 Annotate methods that return a definitely null value with @Nullable and fixes: Issue 40015349 “plugins/webhooks doesn't accept HTTP 202 response code”
Breaking changes
Issue 40015585: Enhance metric name sanitize function to remove collision on ‘_’ between metrics.
Collision between the sanitized metric names can be easily created e.g. foo_bar
will collide with foo+bar
. In order to avoid collisions keep the rules about slashes and replace not supported chars with _0x[HEX CODE]_
string. The replacement prefix 0x
is prepended with another replacement prefix.
New Features
Change 377794: Extend configurability of index pagination type
Add NONE option to disable index backend pagination, this option needs to be honoured by the indexing backend and this change introduces the correct implementation for Lucene.
Change 372974: Don't allow index searches with size greater than maxPageSize
Queries with a ‘start’ parameter can perform an index search with size greater than the configured maxPageSize, i.e. when start + limit exceeds the maxPageSize. Fix such queries to paginate instead.
Bug Fixes
Issue 289321387: Preserve refs order in the GitBatchRefUpdateEvent event
Change 335757 introduced the concept of the single event representing batch ref update. However this new event did not preserve original order of the updated refs. This impacts event consumers behaviour and can cause failures. For example if meta ref is processed before patchset ref indexing operation will fail because of the missing patchset.
The timeline of events is kept in the same order they are generated, to make sure that refs order is preserved and backward compatibility is kept.
Change 378075: Fix links to URLs with nonstandard schemes
Removed automatic linking of URLs that do not start with https?://
Change 377796: Fix imported changes appearing as duplicates in index
When parsing the change data from ChangeNotes, the in-memory created ChangeData contains useful information like the serverId that the change belongs to. The same information isn't available when reindexing directly from a newly created entity Change which has no relationship with the underlying change notes.
Change 340014: Fix identity parsing for imported human comments
When an account's serverId does not match the one defined in gerrit.config, then use the ‘imported’ external ids in the accounts for reverse lookup of the accountId. This allows to correctly understand and associate the imported changes coming from repositories of other Gerrit servers to the correct local accounts.
Issue 40015148: Fix ExternalId differential loading when cache is inconsistent
Make differential loading idempotent to avoid failures due to retry to insert the same entry again, caused by the JGit Issue 582044.
Issue 40015614: Show correct cherry-picked list for imported changes
The UI ran the following query to determine if a change had been cherry-picked from another branch: project:<projectName> change:<changeID> -change:<changeNum> -is:abandoned
Modified the query adhering to the cherry-pick change definition: project:<projectName> change:<changeID> -branch:<currentBranch> -is:abandoned
Change 357634: Fix parsing legacy labels for users with comma
This change fixes a bug introduced by 336883 when parsing labels where a UUID was present together with a user name containing a comma.
Change 347316: Fix Bazel build on Apple M2 ARM64 chip
Bazel fails to select the correct java-tools binaries for Apple's ARM64 architecture and downloads the generic x86. This fix disables the download of the pre-compiled java_tools, allowing Bazel to build them locally for the correct architecture.
Change 375634: Fix listing files for initial commit against the first parent
DiffOperations used an empty tree as the base commit when getting the diff for an initial commit and the user specified comparing against the first parent (which doesn't exist). In this case the request failed with 500 ISE because the empty tree is not a commit and thus we run into an IncorrectObjectTypeException. Instead of failing in this case we are now falling back to comparing against the default root.
Documentation fixes
40014489: Announce / document that building with Java 8 is no longer supported
Documents that building with Java 8 is no longer supported. Java 11 is now required and removes the now unused error_prone_warnings_toolchain.