Download: 3.1.16 | 3.1.15 | 3.1.14 | 3.1.13 | 3.1.12 | 3.1.11 | 3.1.10 | 3.1.8 | 3.1.7 | 3.1.6 | 3.1.5 | 3.1.4 | 3.1.3 | 3.1.2 | 3.1.1 | 3.1.0
Documentation: 3.1.16 | 3.1.15 | 3.1.14 | 3.1.13 | 3.1.12 | 3.1.11 | 3.1.10 | 3.1.8 | 3.1.7 | 3.1.6 | 3.1.5 | 3.1.4 | 3.1.3 | 3.1.2 | 3.1.1 | 3.1.0
Support for git protocol v2
Polymer 2
Mandatory plugins
Performance logging and tracing
See the New Features section for further details.
This release does not contain any schema changes. To upgrade:
java -jar gerrit.war init -d site_path
The accounts, changes and groups index versions have been increased. To run off-line reindexing (optional):
java -jar gerrit.war reindex -d site_path
By default indexes are automatically rebuilt upon the Gerrit startup after the upgrade.
reviewdb.client
package is renamed to entities
Plugins or extensions that import classes from the com.google.gerrit.reviewdb.client
package must change the imports to com.google.gerrit.entities
.
Id
and NameKey
classesPlugins and extensions that instantiate and use classes such as Account.Id
, Change.Id
, Project.NameKey
, Branch.NameKey
, etc, must adapt to the following changes.
The classes can no longer be instantiated with the new
operator. Instead they must be created with static factory methods.
new Account.Id(...)
--> Account.id(...)
new AccountGroup.Id(...)
--> AccountGroup.id(...)
new AccountGroup.UUID(...)
--> AccountGroup.uuid(...)
new Branch.NameKey(...)
--> BranchNameKey.create(...)
new Project.NameKey(...)
--> Project.nameKey(...)
‘Getter’ methods are now generated by the auto-value library and no longer have the get
prefix.
Account.getName()
-> Account.name()
Response<T>
REST API endpoint implementations must now return a Response
object that explicitly sets a status code. Plugins that currently only return an Object
must be adapted to the new interface.
The Powermock and Easymock libraries are no longer exported in the acceptance-framework
artifact, and are replaced by Mockito. Plugins that use Powermock and/or Easymock in their tests should either add explicit dependencies, or migrate the tests to Mockito.
The Gerrit frontend has been migrated from Polymer 1 to Polymer 2 and to using Shadow DOM. This may break JavaScript plugins, e.g. if they use document.getElementById()
to reach into the DOM. Instead, plugins will have to use dedicated plugin endpoints together with calling plugin.registerCustomComponent
.
Internet Explorer is not supported. Major browsers are supported for the following versions and newer: Firefox 68, Chrome 76, Safari 12.1.
refs/drafts/
is removedThe change.allowDrafts
configuration option is removed, and it is no longer possible to push new changes or patch sets to refs/drafts/<branch-name>
.
refs/changes/
is removedThe receive.allowPushToRefsChanges
configuration option is removed, and it is no longer possible to add a new patch set to a change by pushing to refs/changes/<change number>
.
.gitconfig
JGit's configuration options are now read from the $site/etc/jgit.config
file rather than the system level .gitconfig
.
Many NoteDb operations require walking the entire change meta ref and loading its contents into memory, so changes with arbitrarily many updates may cause high CPU usage, memory pressure, persistent cache bloat, and other problems.
A new configuration option change.maxUpdates
allows to set the maximum number of updates that are allowed.
container.slave
is renamed to container.replica
The container.slave
option is still recognized as an alias of container.replica
but is deprecated and will be removed in a future release.
MessageOfTheDay
extension point is removed.The MessageOfTheDay
functionality was not ported to the PolyGerrit-UI and the MessageOfTheDay
extension point was removed with the 3.1.3 release. However, the JS API provides the banner
entrypoint for plugins to add messages to the UI. Plugins that were previously using the MessageOfTheDay
extension point have to be adapted accordingly.
test.submit_rule
and test.submit_type
REST APIs now require inputIn previous versions of Gerrit it was possible to omit the rule from the input and the project's default submit rule would be tested. Now the rule is required, and the request will fail with ‘400 bad request’ if the rule is not provided.
Git protocol V2 is now enabled by default. A new permission-aware ref database ensures that Gerrit only ever returns refs that the calling user has access to.
It is possible to configure which plugins are mandatory. Gerrit will fail to start if a mandatory plugin cannot be loaded.
Disabling and restarting of a mandatory plugin is rejected, but reloading of a mandatory plugin is still possible.
replication.config
The new option event.payload.listChangeOptions
allows to configure which options are used when rendering internal events. This can be used to reduce performance impact of rendering many options.
See the documentation for full details.
Accounts
DETAILS
query option on the query accounts endpoint now includes the status
and state
fields in the response.Changes
New SKIP_DIFFSTAT
option for the query changes endpoint.
Computation of the insertions
and deletions
fields may be expensive for large trees. The new SKIP_DIFFSTAT
option allows to omit it from the result.
New exclude-groups
option on the Suggest Reviewers endpoint.
New optional commit-message
field on the input for cherry-pick endpoints.
If the optional message is provided, it is used, otherwise the message from the cherry-picked change is used.
New optional topic
field on the input for the revert endpoint.
If the optional topic is provided, it is used, otherwise the topic from the reverted change is used.
Config
change.api.excludeMergeableInChangeInfo
is now included in the response from the Get Server Info endpoint.Projects
New endpoint: Update dashboard.
The new endpoint currently only works for the default dashboard.
Issue 5082: Fix internal server error when getting blame for removed/replaced file.
Issue 11918: Fix internal server error when deleting a ref by git push.
Issue 12246: Fix generation of duplicate Change-Id
s when creating a new change via REST.
The Change-Id
was computed from the commit content and the timestamp, which resulted in the possibility for two changes to get the same Change-Id
when two empty changes were created by REST at the same time.
The Change-Id
is now generated randomly.
Remove easymock, powermock and javassist from the acceptance framework
Remove promise-polyfill
Add mockito in the acceptance framework
Upgrade Apache sshd and mina-core to 2.3.0
Upgrade auto-value to 1.7
Upgrade bouncycastle to 1.61
Upgrade commons-compress to 1.18
Upgrade gitiles-servlet and blame-cache to 0.3-6
Upgrade jetty to 9.4.18.v20190429
Upgrade JGit to v5.5.1.201910021850-r-152-g63fc6970c
Upgrade polymer to 2.7.2
Upgrade polymerelements/iron-autogrow-textarea to 2.2.0
Upgrade polymerelements/iron-dropdown to 2.2.1
Upgrade polymerelements/iron-icon to 2.1.0
Upgrade polymerelements/iron-iconset-svg to 2.2.1
Upgrade polymerelements/iron-input to 2.1.3
Upgrade polymerelements/iron-overlay-behavior to 2.3.4
Upgrade polymerelements/iron-selector to 2.1.0
Upgrade polymerelements/iron-test-helpers to 2.0.1
Upgrade polymerelements/test-fixture to 3.0.0
Upgrade polymerelements/paper-button to 2.1.3
Upgrade polymerelements/paper-input to 2.2.3
Upgrade polymerelements/paper-item to 2.1.1
Upgrade polymerelements/paper-listbox to 2.1.1
Upgrade polymerelements/paper-tabs to 2.1.1
Upgrade polymerelements/paper-toggle-button to 2.1.1
Upgrade visionmedia/page.js to 1.11.4
Upgrade truth to 1.0
Security Fixes
Issue 14732: Commits/IncludedIn exposes branch names without respecting the ACLs on branches
When calling the REST endpoint for listing all branches that a commit SHA1 is part of, the commit is properly checked for visibility against the ACLs (it is a REST resource) but the branches were not checked.
The included-in may have exposed the list of non-visible branches to a user that had visibility purely on the SHA1.
Issue 7282: Hide repository name and description when user has no access
Gitiles did not respect Gerrit's permission and would show the repo name and description to any user who could guess the name. The repositories list as well as the content APIs were not affected.
Bug Fixes
Issue 14639: Searching repositories by name is case-sensitive
Restore the correct project search that was case-insensitive in 2.16.27, 3.1.3 and 3.3.2.
Change 307602: Fix NPE while accessing draft refs
Change 307482: EqualsLabelPredicate: fix bug that prevents matching owner votes
Bug Fixes
Issue 14553: Gerrit REST-API fails when using /a/ prefix and cookies
Recent fix to support GerritAccount Cookie authentication for Git/HTTP broke existing Python (or other) scripting when performing automation with Gerrit REST-API. That is due to the generation of the GerritAccount cookie in the HTTP response, which Python automatically manages to reuse in subsequent calls.
Issue 13721: Don't serve polygerrit assets for git requests
After migration to Polymer UI, PolyGerrit static resources are mounted at the root of the gerrit URL, and would collide with project namespaces, so that the project with these prefixes cannot be served with Git over HTTP protocol.
Bug Fixes
Fix registration redirect on OpenID
Log when a new SSH connection is rejected due to exceeded limit
When the sshd.maxConnectionsPerUser
got exceeded for a user, new connections from that user were rejected but no log entry was reported.
Issue 14127: Fix binding of DELETE REST calls from plugins.
The processing of the DELETE request actually never reached the delete-project plugin due to bug in the RestApiServlet which wrongly delegated the request to a child collection in Gerrit core.
Issue 13140: OpenID: Remove support for Yahoo! OpenID provider.
Yahoo! discontinued support for OpenID provider: “OpenID2 will be EOLed on 6/30/20”
Issue 14246: Creation of internal account does not respect auth.userNameToLowerCase
.
The CreateAccount SSH command and REST API was able to create accounts with usernames that contained uppercase letters even if auth.userNameToLowerCase
was set to true.
Issue 14490: Missing LDAP metrics for authentication.
Expose the LDAP metrics in terms of latency and call rates so that any problem can be highlighted early on and potentially alerted to the Gerrit admin.
Issue 14497: Git/HTTP traffic overloads LDAP with duplicate authentication requests.
When authenticating incoming Git calls over HTTP the BasicAuth filter was called 3 times per call triggering multiple authentications against the backend.
Issue 14508: Allow GerritAccount Cookie authentication for Git/HTTP.
Allow to create a Gerrit session from the GerritAccount cookie set on the Git client, so that only the first HTTP call will actually authenticate and create a session whilst all the others would just reuse the existing cookie.
Issue 11142: ssh to gerrit with no args requires standard input to terminate.
JGit Issue 552173 Too many open files when fetching repos with lots of refs
JGit update fixes “Too many open files” errors.
Dependency Updates
New Features
Breaking Changes
Elasticsearch: Support for EOL versions 7.2 and 7.3 is discontinued. Both elasticsearch versions became EOL recently.
Issue 13931: Disallow editing the Change-Id during inline edits.
Bug Fixes
Issue 12443: Stop generating continuous “logging context is not empty” in error_log.
Issue 14097: Allow enabling of Git GC button for non-local Git repository managers, such as multi-site repositories.
Issue 14118: Quota management: enforce repository size on pack rather than on object.
PolyGerrit Fixes
Replication plugin fixes
Documentation updates
Align the recommended buildifier version to v4.0, the same used in the CI.
Development guidelines: mention that Optional in arguments is discouraged (use @Nullable instead) but may be used as return type.
Dependency Updates
New Features
Add change query option allowing administrators to skip visibility filtering.
Add a new REST-API change query option “skip-visibility” to allow administrators to skip visibility filtering.
Security Fixes
Issue 13858 CVE-2021-22553: Fixed memory leak in Git-over-HTTP requests.
Unauthenticated users could exploit this problem in a Denial of Service attack, causing the server to go out-of-memory.
PolyGerrit Fixes
Replication plugin fixes
Don‘t check read permission when authgroup isn’t set.
Do not check for read permission when authGroup is not set since the user is a RemoteSiteUser that is-an InternalUser having read access to everything. This fixes a regression introduced in v3.1.10 that prevented the All-Users.git repository to be fully replicated to Gerrit replicas.
Bug Fixes
Issue 13803: Limit number of ambiguous accounts in error message.
Don't list more than 3 ambiguous accounts in error message of UnresolvableAccountException in order to prevent flooding the log and displaying a lot of sensitive account data in an error dialog.
Issue 13936: Fix badly formatted error message shown in error dialog.
Issue 13884: Fix ‘is:submittable’ query on multiple submit records.
Dependency Updates
Update highlight.js to 10.5.0.
Update Jetty to 9.4.35.v20201120.
Downgrade soy-template to 2019-10-08.
Breaking Changes
Elasticsearch: Support for EOL version 6.8 is discontinued. This was the last supported minor version of Elasticsearch 6 in Gerrit. From this release, Gerrit no longer supports V6 but only the already supported versions 7.x of Elasticsearch.
Security Fixes
Issue 12629: Verify hostname when sending emails via SMTP server with SMTPSClient.
The SMTP server's certificate and hostname must be verified if encryption is enabled with SSL verification in the host settings (sendemail.smtpEncryption
and sendemail.sslVerify
).
PolyGerrit Fixes
Bug Fixes
Issue 13781 Compact the REST-API output JSON unconditionally.
The output JSON was initially compacted only when the Accept header was set to application/json
: the compation is now done unconditionally, unless the pp=1
query parameter is specified.
Issue 13786 ForRef#check should permit internal users to read all refs:
Make PermissionBackend#ForRef
authoritative change introduced a regression where gerrit internal users
(e.g. plugins) were not taken into consideration when checking READ permission. As consequence the All-Users.git
repository did not get any of the user's refs replicated to the slaves. After the upgrade it is required to trigger a forced replication of the All-Users.git
repository manually.
Documentation Updates
Clarify that ‘m’ push option sets patch set description.
Clarify that disk cache metrics require cache.enableDiskStatMetrics
.
Dependency Updates
Upgrade testcontainers to 1.15.1.
Upgrade Jetty to 9.4.33.v20201020.
Breaking Changes
Elasticsearch: Support for EOL versions 6.6 and 6.7 is discontinued.
Logging: --console-log
-flag of gerrit.war daemon
respects log.textLogging
and log.jsonLogging
options
Change in the default behaviour of the --console-log
flag. Since log.textLogging
in the gerrit.config
is true
by default, using the --console-log
-flag now writes logs to the error_log
-file in addition to stderr by default. This can be avoided by setting log.textLogging = false
.
Security Fixes
Issue 13621 CVE-2020-8919: Make PermissionBackend#ForRef
authoritative.
Fixes a misconception that leads to data being accessible through Gerrit APIs that should be locked down.
Gerrit had two components for determining if a Git ref is visible to a user: (Default)RefFilter
and PermissionBackend#ForRef
(e.g., RefControl
). The former was always capable of providing correct results for all refs. The latter only had logic to decide if a Git ref is visible according to the Gerrit READ
permissions. This includes all refs under refs/heads
as well as any other ref that isn't a database ref or a Git tag. This component was unaware of Git tags and notedb-related refs. Hence, when asked for a database reference such as refs/changes/xx/yyyyxx/meta
, the logic would allow access if the user has READ
permissions on any of the ref prefixes (such as the default “read refs/* Anonymous Users”).
That was problematic, because it bypassed documented behavior where a user should only have access to a change if he can see the destination ref. The same goes for other database references.
Issue 13514 CVE-2020-8920: Work around Gitiles bug on All-Users
visibility.
Gitiles has a special FilteredRepository
wrapper that allows carefully hiding refs based on the project's ACLs. There is however an optimization that skips the filtering in case a user has READ
permissions on every ACL pattern(s). When the target repository is All-Users
, the optimization turns into a security issue because it allows seeing all personal information associated with all accounts, i.e.:
This fix now blocks Gitiles or any other part of Gerrit to abuse this power when the target repository is All-Users
, where nobody can be authorized to skip the ACLs evaluation anyway.
This minor release has been withdrawn.
Security Fixes
Issue 12846: BadMessageException: 500: Response header too large.
Bump Jetty version to 9.4.30.v20200611 to fix regression introduced in Jetty version: 9.4.27.v20200227.
Response header overflow leads to buffer corruptions Jetty server always allocates maximum response header size.
For more details see also upstream issues:
Bug Fixes
Issue 12959: Submit: Use updated change for response
The response was sent with the change instance from before it got submitted, rather than the updated change. As a result, the response contained the status “NEW” rather than “MERGED”.
Issue 13166: Include request latency in httpd_log.json
The latency field was missing in the entries of JSON-formatted http logs.
Issue 12917: Switching between changes fails and in-line edit returns HTTP status 404.
Switching between changes in a change series randomly fails. Also, when adding a file to a change using in-line edit fails constantly with an HTTP status 404.
Security Fixes
Bug Fixes
Issue 12680: Run projects reindex after Gerrit init only when needed, speeding up the upgrade process.
Issue 12778: Fix Included In
filter not working in the search box.
Issue 12909: Fx missing index creation after Gerrit init.
Issue 12918: Fix missing email notifications for project watches for changes created via cherry-pick.
PolyGerrit Fixes
Issue 11368: Fix Javascript error if project has incorrect access configuration in Global Capabilities
.
Issue 12899: Speedup the rendering of changes with large number of comments by lazy loading them when expanded.
Documentation Updates
New Features
Support for rolling upgrade to Gerrit v3.2.0.
New interface AccountActivationListener
available to plugins for listening to accounts activation status changes.
Security Fixes
Issue 12717: Deny access over HTTP for disabled accounts.
A disabled account was still able to access over HTTP until the existing session expired.
Close active SSH connections associated to an account that has been disabled.
Bug Fixes
Issue 12844: Update account full name when it changes in LDAP.
Issue 12850: Ignore WIP changes in “CCed on” dashboard section.
Replication plugin fixes
PolyGerrit Fixes
Documentation Updates
New Features
Add a new metric for monitoring Java deadlocks.
The metric proc/jvm/thread/num_deadlocked_threads
monitors the number of threads that are deadlocked waiting for object monitors or ownable synchronizers.
Add support for Elasticsearch 7.7.
Breaking Changes
Metrics: Cache disk stat metric computation is disabled by default
Calculation of the cache disks stat metrics for persistent caches is disabled by default because it is a very expensive operation that can block a thread for several minutes on larger installations.
Installations that still want to use this metric must explicitly enable it with the cache.enableDiskStatMetrics configuration option.
Plugin API: Deprecated methods related to the draft workflow and change edits are removed
ChangeApi.getEdit()
ChangeApi.publish()
RevisionApi.delete()
RevisionApi.publish()
Issue 12527: Elasticsearch: Support for EOL versions v5.6 and v6.0 to v6.5 is discontinued
End-to-end Tests Improvements
Allow end-to-end tests to proportionally scale on their expected execution times.
A power_factor
environment property was added to the end-to-end tests core framework. Using that optional property, scenario steps can take some more (or less) time prior to expecting proper completion.
The way to set that property locally then depends on the target runtime environment, or SUT latency. The property may be used for either core or plugin scenarios.
FlushProjectsCache
related scenarios added to core (and the high-availability
plugin).
Support for relative runtime weights in scenarios.
Each scenario can now either weight like any other by default, or override that default with a greater weight value, compared to siblings that are lighter on execution times.
Beside core, make the high-availability
and multi-site
plugin scenarios reuse this.
Allow scenarios to create and delete Gerrit changes alongside projects.
Add the corresponding core support for an optional http
request body to every such GerritSimulation
. Either automate or allow environment properties to feed the related input test data.
Beside core, make the high-availability
and multi-site
plugin scenarios test changes that way. The latter currently has Issue 12693 as a known limitation.
Bug Fixes
Issue 12606: Fix visibleto
predicate for groups.
If a group name was used in the visibleto
predicate, changes were not returned even if the group had permission to see them.
Issue 12747: Fix change query visibility for internal user.
Issue 12755: Block the removal of the Realm primary external ids.
It was possible to remove the email address associated with the primary id of a Realm, effectively resulting in the account being removed.
Isssue 12786: Fix wrong status returned when auth backend couldn't be reached.
The response 401 was returned when the auth backend could not be reached, instead of the response 503.
Issue 14242: Fix email token verification failures caused by non-URL-encoded characters.
Issue 11625: Avoid multiple notifications for existing reviewers.
Fix internal server error on parsing commit message during receive commits.
Add autocomplete="off"
to LDAP login form.
Some security tools will flag the absence of the autocomplete flag as a possible security issue, as it could allow for passwords to be saved and automatically filled in on shared computers.
Accept --ownedby
as an alias of --owned-by
in the groups REST API.
The option was incorrectly documented as --ownedBy
which resulted in an error “not a valid option” if anyone tried to use it.
The documentation is fixed, and --ownedby
is added as an alias so that it also works for anyone still referring to the old documentation.
Fix various misuses of the Flogger API causing exception details to be omitted in the log output.
Exceptions were not properly passed to the logger which would cause the details to be omitted, or in some cases the message “ERROR: UNUSED LOG ARGUMENTS” to be emitted.
Issue 12673: Fix emitting debug logs while running tests.
PolyGerrit UI Fixes
Issue 12707: Apply diff preferences immediately after pressing “Save”.
Issue 12690: Only show the “Edit” button for open changes in the diff view.
Issue 12726: Fix incorrect highlighting after /
character in Javascript.
Issue 12775: Fix parent of previous patch sets not being available.
Issue 12385: Fix memory leak in gr-plugin-endpoints
.
Replication Plugin Fixes
Issue 12678: Fix missing replication Id in replication logs.
The migration to use Flogger in 2.16.17 caused a regression in the logging, where the replication Id was omitted from the logs. This is fixed by reverting back to slf4j logging for the replication log.
Issue 12719: Fix replication start --wait
to track in-flight collisions and to not fail.
Issue 12731: Don‘t lose state when there’s a pending push to the same ref.
If there was already a pending push (not an in-flight push) to the same endpoint, the start for the push would be dropped when adding the push to the Destination. This meant that a replication start --wait
command would never complete when one of its pushes was pending since its state would never receive the completion notification for that push.
Issue 11745: Fix firing pending “..all..” events on startup.
Issue 11760: Make persistent task keys stable.
Fix URL matching to match real URLs in addition to templated URLs.
Log when skipping deletion of a ref when pushing to a remote in mirror mode.
Improve logging of push failures caused by a lock failure on the remote.
Improve logging of refs to be pushed.
Library Upgrades
Upgrade rules_closure to forked version
This fixes the “-parameters is not supported for target value 1.7. Use 1.8 or later.” warning when building. See PR 478.
Issue 12448: Upgrade Guice to 4.2.3 and switch to using no-AOP Guice distribution
This allows to more easily support newer JDK versions.
Upgrade asm to 7.2
Upgrade jackson-core to 2.11.0
Upgrade jetty to 9.4.27.v20200227
Breaking Changes
The LogThreshold
annotation is removed.
The default log level for tests has been changed from DEBUG to INFO, and this annotation is no longer needed. It was originally introduced to allow classes to explicitly set their log level at level other than DEBUG.
Plugins that use this annotation must be adjusted.
New Features
Add support for Elasticsearch 7.6.x.
Include upload-pack
metrics in the sshd log.
In order to enable detailed performance and problem analysis, upload-pack
metrics are now included in the sshd log.
Add new configuration setting core.packedGitUseStrongRefs
.
When set to true, this option enables using strong references to reference packfile pages cached in the WindowCache. If this option is set Java gc can no longer flush the WindowCache to free memory if the used heap comes close to the maximum heap size. On the other hand this provides more predictable performance.
Add new configuration setting sendemail.denyrcpt
.
This new setting works alongside the existing sendemail.allowrcpt
, and allows to configure email addresses or domains that Gerrit may not send to.
Allow to format HTTP and SSH logs in JSON format.
When log.jsonLogging
is enabled, the HTTP and SSH logs are formatted as JSON, making it easier for them to be parsed. Note that the error log was already formatted in JSON when this option was enabled.
Add new metrics.
Metrics are added for:
Refer to the metrics documentation for full details.
Issue 11493: Add an “Edit” button to the diff view in the PolyGerrit UI.
Add support for fsharp in highlighting syntax in the PolyGerrit UI.
Issue 12364: Add support for going to a specific line number in the inline editor.
Add prolog predicate to determine number of parents.
The new predicate commit_parent_count
can be used to detect merge commits.
Add NamedFluentLogger
.
NamedFluentLogger
is an extension to Flogger that allows to create a logger with a given name rather than the name of the enclosing class.
Issue 12444: Add support for max_result_window
in Elasticsearch index configuration.
Add a Code Coverage layer and plugin API in the PolyGerrit UI.
See Chromium issue 939904 for details.
Allow customizing the Gerrit httpd.listenUrl configuration in Docker using the HTTPD_LISTEN_URL environment variable.
Library Upgrades
Upgrade jackson-core to 2.10.3
Upgrade Jetty to 9.4.24.v20191120, including a fix for supporting IPv6.
Upgrade JGit to v5.6.1.202002131546-r-15-g241557137
Upgrade rules_closure to forked version.
This fixes the “-parameters is not supported for target value 1.7. Use 1.8 or later.” warning when building. See PR 478.
Security Fixes
Issue 12440: Fix the access-path for AbstractGitCommand subclasses.
The access path for the Receive.currentUser in the receive-pack command was wrongly set to SSH_COMMAND instead of to GIT. This allowed project owners to force-update a ref using git-over-SSH without having en explicit permission for that.
Bug Fixes
Fix size explosion of All-Users
caused by draft comment removal.
Modify draft comments generation so that, when removed, they to point to an empty parent.
Issue 11772: Cancel deprecation of change identifiers that was planned since 2.16.
Since 2.16 the documentation of change identifiers states that the identifiers other than <project>~<numericid>
are deprecated and will be removed in a future release. Since then the identifiers have still not been removed and there is no clear plan to do so.
It is likely that “deprecated” identifiers are still used in links in places where they can't be updated, for example in emails and forum posts. Due to this, and since continuing to support all of the types does not add any technical burden, ESC decided that the deprecation should be cancelled.
The change.api.allowedIdentifier
configuration setting is now obsolete and has been removed.
Issue 3340: Fix internal server errors when setting project access permission with bad regex.
Fix removal of stale metrics from the metrics registry.
Issue 12349: Fix time attribute of file entries in plugin artifacts.
Make assumption on number of query results explicit for change Id arguments.
When a change Id passed as argument was resolved to multiple changes, the first returned change was arbitrarily used. Now an error will be raised and logged.
download-commands plugin: Set SSH default port to 22.
Document dependency from account deactivator to autoUpdateAccountActiveStatus and log a warning if the account deactivation task is configured but will not be scheduled.
Fix handling of ambiguous name in visibleto
search predicate.
If the visibleto
search predicate was used with a display name that resolved to more than one account, the first account in the result was arbitrarily used. Now, this case will result in an error.
Fix a dependency injection runtime error in DeleteZombieDrafts program.
Issue 12473: Fix broken links in Elasticsearch configuration documentation.
PolyGerrit UI Fixes
Issue 4616: Open commentlinks to changes on the same server in the same tab.
Issue 12031: Fix issues with caching edited commit message.
Remove target=_self
from commentlinks.
Replication Plugin Fixes
Check nulls in firePendingEvents at startup.
After a sudden reboot (for unknown reason) Gerrit at startup couldn't load because of NullPointerException.
Change default for the replicateOnStartup
to false.
Issue 12559: replicateOnStartup not loaded and always considered as false.
New Features
Include request description in HTTP thread names.
The HTTP worker threads had generic names like HTTP-100
, HTTP-101
, etc. While we could conclude from the stack trace what this thread was doing, we missed some important information like repository name, user name, etc.
The HTTP threads now have descriptive names. For example, if there is an ongoing git-fetch operation we will see a thread named like: HTTP POST /a/myProject/git-upload-pack (johndoe from 10.87.75.169)
.
This makes the naming consistent with SSHD threads, which are named like: SSH git-upload-pack /myProject (johndoe)
.
New metrics for Jetty threadpool.
The new metrics are exposed under http/server/jetty/*
.
Utility program to delete zombie draft comment refs.
Deletion of draft comment refs was broken until 2.16.14, resulting in draft comment refs not getting deleted properly. Although it has been fixed, it's still possible that zombie refs exist from previous versions. The new site program DeleteZombieCommentsRefs
can be used to remove them.
Highlight WORKSPACE
and BUILD.bazel
files as Python in the PolyGerrit UI.
Breaking Changes
The MessageOfTheDay
extension point is removed.
The MessageOfTheDay
functionality was not ported to the PolyGerrit-UI and the MessageOfTheDay
extension point was removed with the 3.1.3 release. However, the JS API provides the banner
entrypoint for plugins to add messages to the UI. Plugins that were previously using the MessageOfTheDay
extension point have to be adapted accordingly.
Bug Fixes
Issue 12097: Fix migration to NoteDb when orphan changes exist.
In the case where a change belonged to a repository that did not exist, the migration failed.
Issue 9296: Fix wrong diff of commit message between different patch sets of a merge commit.
Issue 7969: Fix internal server error when diffing MERGE_LIST
between different patch sets of a merge commit.
Issue 10397: Don't send notification email when publishing a change edit on a WIP change.
Issue 12243: Fix unexpected deactivation of service user accounts.
Fix editing name and email for service user accounts.
Fix internal server error when a change edit includes an invalid file path.
Invalid file paths are now rejected as ‘400 Bad Request’.
Fix internal server error when giving an invalid merge strategy to the ‘Create Merge Patch Set’ REST endpoint.
Fix a resource leak in the ‘Get Patch’ REST endpoint.
Don't check for conflicting refs when deleting a ref; improve performance of migration to schema 167.
The migration to schema 167 involves deletion of refs. The performance was poor for large installations (for example 30k user refs and 20k groups) because the ref deletion implementation was doing an unnecessary check for conflicting refs.
Fix setting _moreChanges
to the wrong value in change query REST results.
Upgrade highlight-js to get various fixes in source code highlighting:
PolyGerrit UI Fixes
Issue 11980: Fix handling of LDAP groups containing a dot in the PolyGerrit permissions screen.
Issue 12197: Fix rendering of commentlinks using link
.
Issue 11697: Fix rendering of commentlinks without leading whitespace.
Issue 12224: Honor the date format preference when displaying dates.
Issue 12184: Fix link in blame annotation to link directly to the commit.
Issue 12108: Add missing ‘Page ...’ on pagination links in the repository list.
Fix the size of the commit message box.
Fix a parse error on the repository list.
Fix multiple triggers when shift-r
is held.
Wrap filenames onto two lines in the file list if the filename is too long.
Add a right margin to the search bar.
This creates some space between the search bar and the header-browse-source
endpoint where you often see a ‘Repositories’ link.
Replace ‘Menlo’ font with ‘SF Mono’.
‘Menlo’ was replaced by ‘SF Mono’ from Mac OS 10.11, and ‘Menlo’ does not render symbols and characters correctly.
Other Changes
Upgrade JGit to v5.6.0.201912101111-r-31-g3d59d1b80.
Upgrade jackson-core dependency to 2.10.2
Improve logging when a metadata update fails.
Update external Ids documentation with information on how to find the sha1 of an external Id and how to show the corresponding change note.
New Features
Include thread name in the HTTPD and SSHD logs.
Having thread name in the HTTPD and SSHD logs makes it easier to match entries from the error log. The error log entries already contain the thread name, so with the thread name included in each entry in the HTTPD and SSHD logs, we have more data to match an error to a request than just the timestamp.
PolyGerrit UI Fixes
Other Fixes
Issue 12070: Fix internal server error on git over HTTP calls when SSHD is enabled.
Double cleanup of the request context caused an internal server error on push or fetch via git over HTTP.
Fix generation of SSH keys with empty passphrase.
The -N
option of ssh-keygen
was correctly used for generation of RSA keys, but for other types -P
was used.
Extend documentation of external Ids to include examples of how to generate the sha1 of an external Id and how to show the git note of the Id.
New Features
Issue 11973: Add copy-to-clipboard for generated HTTP password.
Add support for doctag in PolyGerrit UI syntax highlighter.
Add an event interface in the PolyGerrit API.
Add support for Elasticsearch 7.5.
Add documentation of how to perform backups of Gerrit.
PolyGerrit UI Fixes
Issue 12024: Fix undefined branch in create-destination-dialog.
Issue 11969: Fix tab index in reply dialog.
Issue 11993: Stop loading fonts from external resources.
Issue 11984: Fix top menu bar on iOS.
Issue 8282: Avoid browser caching for diff on edit patch.
Issue 9444: Fix syntax highlighting for multi-char char constants.
Issue 12020: Fix ‘New Contributor Agreement’ screen.
Fix gr-syntax-params
css class.
Fix overflow of branch name in change list.
Other Fixes
Issue 11989: Fix internal server error when pushing over SSH with git protocol v2.
Issue 11962: Fix advertisement of refs/meta/config
in git protocol v2 when client does not have access to it.
Issue 11986: Fix fetching individual ref with git protocol v2.
Issue 7645: Fix thread deadlock when loading accounts from the account cache.
Replacing Guava caches with Caffeine reduces the chances of having the deadlocks and improves the cache performance.
Issue 11918: Fix internal server error when deleting a tag or branch by git push.
Issue 11650: Fix reindexing of changes after project is deleted in the delete-project
plugin.
Disallow deleting the refs/meta/config
branch via the ‘Delete Branches’ REST API.
Disallow deleting the HEAD
ref via the ‘Delete Branches’ REST API.
Allow empty base revision in the ‘Create Branch’ and ‘Create Tag’ REST APIs.
Fix deletion of draft comment refs.
In some situations, draft comment refs were not properly deleted but left empty. This resulted in unused draft refs persisting in the All-Users
repository, polluting the namespace. Published draft comments as well as deleted draft comments were kept in the history of the draft ref, keeping them alive for GC, and causing a steady increase of repository size.
Use correct content type text/plain
instead of plain/text
in ‘Create SSH Key’ REST API.
Fix handling of interactive/batch users in the QoS filter.
For the git-over-http requests this filter didn't work properly because the basic authentication happened later in the filter chain and at the moment when the QoS filter was invoked the current user was not yet set.
Add project name to headers of outgoing change emails.
Fix and expand documentation of ref-update
and commit-received
hooks in the hooks plugin.
Upgrade JGit to v5.6.0.201912041214-rc1