Google Git
Sign in
gerrit / homepage / 100744d9c150002e038a270b9b0162c8fb186ab5 / . / pages / site / releases / 2.16.md
blob: 48fe921dbca1fa11a1a6e60c6b5bcc48f8e1e1bf [file] [log] [blame] [view]
---
title: "Gerrit 2.16 Release"
permalink: 2.16.html
hide_sidebar: true
hide_navtoggle: true
toc: true
---
Download: **[2.16.28](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.28.war)**
| [2.16.27](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.27.war)
| [2.16.26](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.26.war)
| [2.16.25](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.25.war)
| [2.16.23](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.23.war)
| [2.16.22](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.22.war)
| [2.16.21](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.21.war)
| [2.16.20](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.20.war)
| [2.16.19](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.19.war)
| [2.16.18](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.18.war)
| [2.16.17](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.17.war)
| [2.16.16](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.16.war)
| [2.16.15](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.15.war)
| [2.16.14](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.14.war)
| [2.16.13](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.13.war)
| [2.16.12](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.12.war)
| [2.16.11.1](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.11.1.war)
| [2.16.10](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.10.war)
| [2.16.9](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.9.war)
| [2.16.8](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.8.war)
| [2.16.7](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.7.war)
| [2.16.6](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.6.war)
| [2.16.5](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.5.war)
| [2.16.4](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.4.war)
| [2.16.3](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.3.war)
| [2.16.2](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.2.war)
| [2.16.1](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.1.war)
| [2.16](https://gerrit-releases.storage.googleapis.com/gerrit-2.16.war)
Documentation: **[2.16.28](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.28/index.html)**
| [2.16.27](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.27/index.html)
| [2.16.26](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.26/index.html)
| [2.16.25](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.25/index.html)
| [2.16.23](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.23/index.html)
| [2.16.22](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.22/index.html)
| [2.16.21](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.21/index.html)
| [2.16.20](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.20/index.html)
| [2.16.19](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.19/index.html)
| [2.16.18](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.18/index.html)
| [2.16.17](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.17/index.html)
| [2.16.16](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.16/index.html)
| [2.16.15](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.15/index.html)
| [2.16.14](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.14/index.html)
| [2.16.13](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.13/index.html)
| [2.16.12](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.12/index.html)
| [2.16.11.1](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.11.1/index.html)
| [2.16.10](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.10/index.html)
| [2.16.9](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.9/index.html)
| [2.16.8](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.8/index.html)
| [2.16.7](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.7/index.html)
| [2.16.6](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.6/index.html)
| [2.16.5](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.5/index.html)
| [2.16.4](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.4/index.html)
| [2.16.3](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.3/index.html)
| [2.16.2](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.2/index.html)
| [2.16.1](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.1/index.html)
| [2.16](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/index.html)
## Release Highlights
* GWT UI is deprecated, and PolyGerrit is now the default UI.
* Experimental Dark Mode in PolyGerrit.
* Inline editing support in PolyGerrit UI.
* Redesigned UI for PolyGerrit based on material design.
* New configuration option to ignore self-approval on labels.
* New CommonMark/Markdown parser.
## Important Notes
### Known problem with schema upgrade
See the [schema changes](#schema-changes) section for more information.
### Known problem with plugins and index
Since 2.14.2 the plugins are loaded before online reindexing is started, so
that prolog rules provided by plugins can be invoked during indexing. See
[issue 6472](https://bugs.chromium.org/p/gerrit/issues/detail?id=6472) for
details.
This causes a problem for any plugins that access the index either directly
or indirectly (i.e. by accessing a cache), because the index is not yet
available when the plugin is loaded during server startup. An example of this
is in the replication plugin, which needs to use the group cache when
`authGroup` is used in a destination configuration.
A fix [issue 10082](https://bugs.chromium.org/p/gerrit/issues/detail?id=10082)
is available since 2.16.3 release.
### Other known issues
* [Issue 12546](https://bugs.chromium.org/p/gerrit/issues/detail?id=12546):
The `Change-Id` footer is inserted at end of trailers instead of start.
The `commit-msg` hook inserts the `Change-Id` at the end of the trailers,
which could result in other trailers such as `Signed-off-by` being added
multiple times.
### Migration to NoteDb
[NoteDb](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/note-db.html)
is now required for accounts (since 2.15) and groups (since 2.16), and is the preferred storage for changes.
In Gerrit 2.15:
* Account data (with the exception of Group data) was moved to NoteDB ([release notes](https://www.gerritcodereview.com/2.15.html#notedb-for-accounts)).
* Change data could be either moved to NoteDB ([migration process](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/note-db.html#migration)), or left in ReviewDB.
In Gerrit 2.16:
* Group data is always moved to NoteDB (it is migrated automatically during the upgrade process, when you run `gerrit.war init`).
When upgrading to Gerrit v2.16, you are strongly advised to migrate fully (including changes) from ReviewDb to NoteDb.
You should review the documentation on [NoteDb](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/note-db.html),
including the information about the migration process:
- [On-line migration](https://gerrit-review.googlesource.com/Documentation/note-db.html#online-migration)
- [Off-line migration](https://gerrit-review.googlesource.com/Documentation/note-db.html#offline-migration)
Although ReviewDb is still technically available on Gerrit v2.16, the upgrade to NoteDb is strongly recommended, although not enforced.
Note that in the next version of Gerrit (v3.0), ReviewDb will not be available.
### Schema Changes
2.16.16 and earlier only support upgrading from 2.15.x. Use 2.16.17+ to
upgrade directly from 2.11.x or newer. Using the latest 2.16.x version is
recommended.
This release contains schema changes. To upgrade:
``` sh
java -jar gerrit.war init -d ${site_path}
```
On large sites, 2.16 schema migration might run for longer durations.
To optimize it, one may execute SQL commands to insert the following
columns for existing tables on a live running gerrit server at any
time before migration work for 2.16 is started (even on really old
2.7 installations).
* work_in_progress, review_started and is_private on changes table.
* post_submit on patch_set_approvals table.
* unresolved on patch_comments table.
To insert these columns run the following SQL:
``` sql
ALTER TABLE changes ADD is_private CHAR(1) DEFAULT 'N' NOT NULL CHECK (is_private IN ('Y','N')),
ADD work_in_progress CHAR(1) DEFAULT 'N' NOT NULL CHECK (work_in_progress IN ('Y','N')),
ADD review_started CHAR(1) DEFAULT 'N' NOT NULL CHECK (review_started IN ('Y','N'));
ALTER TABLE patch_set_approvals ADD post_submit CHAR(1) DEFAULT 'N' NOT NULL CHECK (post_submit IN ('Y','N'));
ALTER TABLE patch_comments ADD unresolved CHAR(1) DEFAULT 'N' NOT NULL CHECK (unresolved IN ('Y','N'));
```
### Reindex for new projects index and changed group index
Gerrit 2.16 introduces a new secondary index for projects. The initial version
of this index must be created by running the offline reindex before starting
Gerrit:
``` sh
java -jar gerrit.war reindex --index projects -d ${site_path}
```
The group index gained two new fields, which Gerrit 2.16 depends on. For this
reason, the following command to offline reindex the group index must be
executed as well:
``` sh
java -jar gerrit.war reindex --index groups -d ${site_path}
```
The offline reindex for groups should also be run on Gerrit slave hosts.
Note that if you are migrating from v2.15, it is not necessary to reindex the changes and accounts indexes
offline. These will automatically be reindexed by the online reindexer after
starting Gerrit.
### Support for GWT UI is deprecated
From 2.16 GWT UI is deprecated and will be removed in a future version.
### Discontinued support for Internet Explorer
PolyGerrit no longer officially supports Internet Explorer. It never really worked.
### Support for Velocity templates removed
In [version 2.14](2.14.md) support for Soy templates was added. For backwards
compatibility, support for Velocity templates (VTL) was kept.
In version 2.16 support for VTL is completely removed. Site administrators must
replace any Velocity templates (`.vm` files in `$site/etc/mail/`) with the equivalent
Soy templates before upgrading to this version.
### Push to refs/changes is deprecated
The possibility to push to `refs/changes` is now disabled by default. It is
still possible to enable it in the gerrit config by setting
[receive.allowPushToRefsChanges](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/config-gerrit.html#receive.allowPushToRefsChanges)
to true.
### Legacy `/p/` prefix for Git/HTTP projects is removed
The `/p/` cannot be used anymore and the `/a/` prefix should be used for Git/HTTP
with basic authentication.
### DELETE requests with bodies are no longer recommended
Some proxies, which are not under client control, prohibit DELETE requests with
bodies. DELETE requests with bodies could work on a first attempt, but could
fail afterwards because a server they have no control over was updated. In this
case, client users could be in trouble if they were not notified.
Therefore, we have decided to no longer recommend sending DELETE requests with
bodies. They will continue to work in this release but should be considered as
deprecated and will be removed in the next release.
### Pegdown is replaced by Flexmark
[flexmark-java](https://github.com/vsch/flexmark-java) is a Java implementation of
CommonMark 0.28 spec parser using the blocks first, inlines after Markdown parsing
architecture.
Its strengths are speed, flexibility, Markdown source element based AST with details
of the source position down to individual characters of lexemes that make up the
element and extensibility, compared to Pegdown speed that was, in general, less than
ideal and for pathological input either hangs or practically hangs during parsing.
### SYSTEM_CONFIG table is removed
This table was used to retrieve the `site_path` directory in unattended setup
mode. As a replacement, system property `gerrit.site_path` should be used.
### Git clients older than 2.x are not supported anymore
The Gerrit `commit-msg` hook script for adding the Change-Id in every local commit
has been simplified and is now using the `git-interpret-trailers` command.
The `interpret-trailers` command is available as of git v2.2.0, released
Dec 2014.
As of Gerrit 2.16.18, the `commit-msg` hook uses the `--where` option to the
`git-interpret-trailers` command. This was added in git v2.15.0, released Oct 2017.
Existing cloned repositories that have been cloned before the migration to v2.16
and thus having the old hook for generating the Change-Id will continue to work.
However, new clones and hook scripts will need to upgrade your local git client
to v2.2.0 or later.
If you have existing older git clients and cannot migrate to v2.2.0 or later, you need
to keep serving the old script, copying it to the Gerrit /static directory, and
then amend the Gerrit helper instructions to download it.
Example (assuming Gerrit installed on $GERRIT_SITE and available at https://gerrit.mycompany.com):
``` sh
$ curl 'https://gerrit.googlesource.com/gerrit/+/stable-2.15/gerrit-server/src/main/resources/com/google/gerrit/server/tools/root/hooks/commit-msg?format=TEXT' > $GERRIT_SITE/static/commit-msg
$ git config -f $GERRIT_SITE/etc/gerrit.config gerrit.installCommitMsgHookCommand 'gitdir=$(git rev-parse --git-dir); curl -o ${gitdir}/hooks/commit-msg https://gerrit.mycompany.com/static/commit-msg ; chmod +x ${gitdir}/hooks/commit-msg'
```
From Gerrit version 2.16.18, users may also download the older version of
the hook from the installed Gerrit site without the admin having to copy
it to the static folder:
``` sh
$ scp -p -P 29418 john.doe@review.example.com:hooks/commit-msg-legacy ~/myproject/.git/hooks/commit-msg
```
Note, however, that with both workarounds mentioned above, the "Clone with
commit-msg hook" command in the project view still results in the new hook
being downloaded.
### `current_user` predicate is removed from the submit rule evaluator
As a consequence of this, the result of a submittability rule check can
no longer depend on the user who is requesting it.
For example, it is no longer possible to define a submit rule that would
enforce that only change owners can submit a change. A workaround is to
grant the 'Submit' permission to the 'Change Owner' group in project
access controls, although note that this can only be done at ref level
and cannot be dynamically applied in the same way that a prolog submit
rule could.
### `startTime` in schedule configuration now requires hours to be zero-padded
As a result of replacing JodaTime with the Java 8 Time API, times specified
in schedule configurations, for example for the GC schedule, must zero-pad
the hours. I.e. `06:00` rather than `6:00`.
## New Features
### 'Read As' capability
The new ['Read As' capability](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.3/access-control.html#capability_readAs)
allows users to impersonate any user to see which refs they can see.
Note: the capability was added in 2.16 but only documented since 2.16.1.
### Disable log file rotation and compression
On sites where log file rotation and compression is done by an external
service such as [logrotate](http://manpages.ubuntu.com/manpages/zesty/man8/logrotate.8.html),
administrators may wish to disable Gerrit's default log rotation and
compression.
This can now be done by setting
[`log.rotate`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16/config-gerrit.html#log.rotate)
and [`log.compress`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16/config-gerrit.html#log.compress)
to `false`.
Both settings default to `true` when not set, to maintain consistent behavior
with previous releases.
### Support for reloading `gerrit.config`
The contents of the `gerrit.config` file are cached at startup by Gerrit. For most configuration
properties, if they are modified in this file, Gerrit needs to be restarted before it will use
the new values. Some properties now support being reloaded without restart.
A new SSH command [`reload-config`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16/cmd-reload-config.html)
and [REST API endpoint](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-config.html#reload-config)
are provided to invoke the reloading.
Not all configuration properties support reloading. For those that do, it is mentioned
in the [documentation](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16/config-gerrit.html).
### PolyGerrit enhancements
#### Repo access view
- [Issue 6569](https://bugs.chromium.org/p/gerrit/issues/detail?id=6569)
Add repo access view.
PolyGerrit UI displays the repository access information and allows editing it.
#### Inline edit
- [Issue 4437](https://bugs.chromium.org/p/gerrit/issues/detail?id=4437)
inline edit is fully implemented using the CodeMirror Editor plugin.
A new core plugin, `codemirror-editor`, is available,
which uses [CodeMirror](https://codemirror.net/) to provide a rich code editing
experience in PolyGerrit.
When you upgrade Gerrit using `init -d`, you are given the option to install the
`codemirror-editor` plugin.
#### Change screen improvements
- [Issue 8213](https://bugs.chromium.org/p/gerrit/issues/detail?id=8213)
Follow-Up button is missing on change screen
- [Issue 8218](https://bugs.chromium.org/p/gerrit/issues/detail?id=8218)
Open inline diff when clicked on file list row
- [Issue 8241](https://bugs.chromium.org/p/gerrit/issues/detail?id=8241)
Change comment threads are interleaved
- [Issue 8260](https://bugs.chromium.org/p/gerrit/issues/detail?id=8260)
Submitted together section shows which change is the one currently displayed
- [Issue 8528](https://bugs.chromium.org/p/gerrit/issues/detail?id=8528)
Show vote chips in change messages
- [Issue 9111](https://bugs.chromium.org/p/gerrit/issues/detail?id=9111)
Add expander icons to messages
- [Issue 9532](https://bugs.chromium.org/p/gerrit/issues/detail?id=9532)
Provide CLI assistance for updating Gerrit changes in the change view
- [Issue 9707](https://bugs.chromium.org/p/gerrit/issues/detail?id=9707)
Assigned to you section on dashboard
- [Issue 2390](https://bugs.chromium.org/p/gerrit/issues/detail?id=2390)
Allow to mark review as read/unread by clicking on some icon and/or button
- [Issue 4528](https://bugs.chromium.org/p/gerrit/issues/detail?id=4528)
Indicate what labels a reviewer can vote on
- [Issue 5178](https://bugs.chromium.org/p/gerrit/issues/detail?id=5178)
File name as header when viewing a change inline.
- [Issue 5329](https://bugs.chromium.org/p/gerrit/issues/detail?id=5329)
Support for the find-owners plugin
- [Issue 5433](https://bugs.chromium.org/p/gerrit/issues/detail?id=5433)
Make SHAs selectable in the UI
- [Issue 5452](https://bugs.chromium.org/p/gerrit/issues/detail?id=5452)
Make shift-j jump to index if no files remain with comments.
- [Issue 6198](https://bugs.chromium.org/p/gerrit/issues/detail?id=6198)
Allow control whitespace diff in the UI
- [Issue 6781](https://bugs.chromium.org/p/gerrit/issues/detail?id=6781)
Change/patchset actions have tooltips describing their behavior
- [Issue 6984](https://bugs.chromium.org/p/gerrit/issues/detail?id=6984)
"Discard" button on review comments requests confirmation prompt
- [Issue 7698](https://bugs.chromium.org/p/gerrit/issues/detail?id=7698)
New popup for "This change has been merged"
- [Issue 7773](https://bugs.chromium.org/p/gerrit/issues/detail?id=7773)
Ask for configuration on the submit button
#### General improvements
- [Issue 8983](https://bugs.chromium.org/p/gerrit/issues/detail?id=8983)
Lazy-load gr-avatar images
- [Issue 4915](https://bugs.chromium.org/p/gerrit/issues/detail?id=4915)
Support "Show Change Sizes As Colored Bars" setting
- [Issue 7886](https://bugs.chromium.org/p/gerrit/issues/detail?id=7886)
TShirt sizing for changes in the dashboard and change-view
- [Issue 7961](https://bugs.chromium.org/p/gerrit/issues/detail?id=7961)
Display dividing line for metadata
- [Issue 9000](https://bugs.chromium.org/p/gerrit/issues/detail?id=9000)
Fix adding groups created by the singleusergroup plugin
- [Issue 9216](https://bugs.chromium.org/p/gerrit/issues/detail?id=9216)
Close the groups editor after submitting
#### Differences from GWT
- Writing a cover message on a specific patch set is no longer possible.
The cover message is always added on the current patch set. This means
that any system that relies on notifications being sent for a specific
patch set will no longer work.
### New logging framework
For logging Gerrit is now using [Flogger](https://github.com/google/flogger)
instead of SLF4J. The logging backend is still LOG4J.
The Flogger LOG4J backend is configured by a system property
(`flogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance`)
that must be set for logging to work. There is an init step that automatically
sets this system property in the `gerrit.config` file and in addition Gerrit
tries to set this system property automatically on startup if it isn't set yet.
However for some setups you may need to do additional actions to make sure that
this system property is set.
In addition there is a system property that needs to be set for
[request tracing](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/user-request-tracing.html)
(`flogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance`).
Also this system property is automatically set in the `gerrit.config` file by an
init step and in addition Gerrit tries to set this system property automatically
on startup if it isn't set yet. However for some setups you may need to do
additional actions to make sure that this system property is set.
SLF4J can still be used by plugins, but using SLF4J in plugins is deprecated and
with the next Gerrit release SLF4J will no longer be exported as part of the
Gerrit plugin API jar. This means from the next release onwards, plugins must either
migrate to Flogger or have an own dependency on SLF4J.
### REST API
There are several new REST endpoints and additions to existing endpoints, as described in the [REST API](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api.html) documentation.
See below an overview of the noteworthy changes.
#### [Access Rights Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-access.html)
* [`ProjectAccessInfo`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-access.html#project-access-info)
has a new field `configWebLinks` containing a list of URLs that display the history
of the configuration file governing this project’s access rights.
#### [Accounts Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-accounts.html)
* [Query accounts](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-accounts.html#query-account)
requires the [Modify Account](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/access-control.html#capability_modifyAccount)
permission to return all the emails associated with the account.
* New endpoint [`/drafts.delete`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-accounts.html#_delete_draft_comments)
to remove the drafts comments associated with an account.
#### [Changes Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-changes.html)
* New endpoints to [lists](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-changes.html#list-change-messages),
[get](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-changes.html#get-change-message)
and [delete](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-changes.html#delete-change-message)
the messages `/messages` of a change including the detailed
account information associated.
* New endpoint [`/cherrypick`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-changes.html#cherry-pick)
to cherry-pick a specific commit.
#### [Config Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-config.html)
* New endpoint [`/server/reload`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-config.html#reload-config)
to reload Gerrit configuration.
* New endpoint [`/server/preferences.edit`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-config.html#get-edit-preferences)
to retrieve and update the global edit preferences for the server.
#### [Groups Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-groups.html)
* New option [`?owned-by`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-groups.html#_find_groups_that_are_owned_by_another_group)
to find groups that are owned by another group
#### [Project Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html)
* New option `?state` to get [all projects](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#suggest-projects)
with the given state.
* New option [`?query`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#query-projects)
for querying projects limited to a maximum of `?limit` entries.
* New endpoint `/description` for [updating](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#set-project-description)
and [deleting](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#delete-project-description) the project's description.
* [Check project access](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#check-access)
endpoint is now a GET API while the [POST is still supported by deprecated](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#check-access-post).
* New endpoint to index a project [`/index`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#index)
and all the changes [`/index.changes`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#index.changes)
associated to it.
* New endpoint [`/check`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#check)
to check project's consistency.
#### [Commit Endpoints](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#commit-endpoints)
* New endpoint [`/files`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/rest-api-projects.html#list-files)
to list files associated with a commit.
### Request Tracing
If a request is traced the unique trace ID is attached to all logs that are triggered
by the request. In addition all logs are enforced regardless of the configured log level.
Given the trace ID an administrator can find the trace in the error log and debug issues more
easily.
Detailed information about request tracing can be found in the
[request tracing documentation](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/user-request-tracing.html).
### New configuration option to ignore self approval on labels
A new option for Review Labels,
[label.Label-Name.ignoreSelfApproval](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16/config-labels.html#label_ignoreSelfApproval),
is available.
If true, the label may be voted on by the uploader of the latest patch set, but their approval does not make a change submittable. Instead, a non-uploader who has the right to vote has to approve the change.
It defaults to `false`, but one possible use case is to set the value to `true` for the `Code-Review` label in the `All-Projects` project.
That value will then be inherited by all projects that do not override the `Code-Review` label settings.
## Bug Fixes
* [Issue 10106](https://bugs.chromium.org/p/gerrit/issues/detail?id=10106):
Fix internal server error when updating project access via REST API
without specifying 'action' entity.
## Dependency Updates
* Update args4j to 2.33
* Update Brics Automaton to 1.12-1
* Update BouncyCastle to 1.60
* Update commons-compress to 1.15
* Update commons-lang3 and commons-net to 3.6
* Update Dropwizard metrics-core to 3.2.5
* Update Elasticsearch to 6.4.3 (Updated to 6.5.4 in 2.16.3)
* Add dependency to flexmark-java 0.34.18
[Flexmark](https://github.com/vsch/flexmark-java) is a CommonMark/Markdown
parser for java.
* Add dependency to flogger 0.3.1
[Flogger](https://github.com/google/flogger) is a fluent logging API for Java
and Gerrit is using Flogger instead of SLF4J now.
* Update greenmail to 1.5.5
* Update gson to 2.8.5
* Update guice-* to 4.2.1
* Update JGit to 5.1.3.201810200350-r (Updated to 5.1.7.201904200442-r in 2.16.8)
* Update Lucene to 6.6.5
* Update mime4j to 0.8.1
* Update OpenID4Java to 1.0.0
* Update Ow2.asm to 6.2.1
* Update javax.mail to 1.6.0
* Update Jetty to 9.4.12.v20180830
* Update protobuf-java to 3.4.0
* Update soy to 2018-03-14
* Update SSHD to 2.0.0 and Mina to 2.0.17
* Update tomcat-servlet-api to 8.5.23
* Update tukaani-xz to 1.6
* Remove dependency on Velocity
* Remove dependency on joda-time and joda-convert
NOTE: joda-* dependencies are no longer exported in the Gerrit plugin API.
Existing plugins that still rely on them need to be amended to include the
explicit dependency on joda-* libraries.
## Plugin API changes
* [`ChangeInfo`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/common/ChangeInfo.java)
and [`RevisionInfo`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/common/RevisionInfo.java):
Update copy methods to copy fields that have been added recently
* Support allow_conflicts option in cherry-pick input on [`CherryPickInput`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/changes/CherryPickInput.java)
* Have common class for entries in [DynamicMap/DynamicSet/DynamicItem](https://gerrit-review.googlesource.com/q/I4293795800771ef06eae6ec6d64be4b0a8fd72f4)
* New API for deleting draft comments of a user in [`AccountApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/accounts/AccountApi.java)
* New annotation [`RemoveAfter`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/annotations/RemoveAfter.java) for documenting features in Gerrit that can be deprecated
* [`DynamicSet`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/registration/DynamicSet.java) returns Iterable for entries instead of Iterator
* Support for deleting change message via REST API in [`ChangeMessageApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/changes/ChangeMessageApi.java)
* New common interface for all REST views on collections, [`RestCollectionModifyView`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/restapi/RestCollectionModifyView.java),
removing duplicate code in the RestApiServlet. Rest{Create,DeleteMissing}View are renamed to RestCollection{Create,DeleteMissing}View.
See the [relevant change for more details](https://gerrit-review.googlesource.com/q/Id2289a51c7d55bd61222ac132084e7f87328504c).
* Support binding a RestView to delete a missing resource through a brand-new [`DeleteViewBinder`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/restapi/RestApiModule.java).
See the [relevant change for more details](https://gerrit-review.googlesource.com/q/If64224d502bbfe578133d1255b42902dd4fbe4fb)
* New Api and REST endpoint to reindex a project on [`ProjectApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/projects/ProjectApi.java).
* New [RestCollection{Create,Delete,Modify}View](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/restapi/RestCollectionCreateView.java)
that can be bound for POST and DELETE requests on collections
via RestApiModule. The AcceptPost interface is not available anymore and existing code making use of it needs
to be adapted to use the RestCollectionView.
* Support getting account details in [`AccountApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/accounts/AccountApi.java).
* New API and REST endpoint for accessing change messages in [`ChangeApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/changes/ChangeApi.java).
* Add extension API for emails and support setting an email as preferred in
[`AccountApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/accounts/AccountApi.java)
and [`EmailApi`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/accounts/EmailApi.java).
* Add API and REST endpoints to get/set default edit preferences in [`Server`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/config/Server.java).
* Allow to filter list by project state in [`Projects`](https://gerrit.googlesource.com/gerrit/+/stable-2.16/java/com/google/gerrit/extensions/api/projects/Projects.java).
## Bugfix Releases
### 2.16.28
* New features
* [Change 314702](https://gerrit-review.googlesource.com/314702):
Introduce flag `--migrate-draft-to` during `init` for Schema_159 migration.
* [Issue 14777](https://crbug.com/gerrit/14777):
Allow per-project on-line notedb migration.
* Reindex performance improvements
* [Change 322935](https://gerrit-review.googlesource.com/322935):
Fix buggy Index-Interactive Executor.
Fix `index.threads` when set to a negative value which was not using a
direct executor as mentioned in docs.
* [Change 323215](https://gerrit-review.googlesource.com/323215)
[Change 322296](https://gerrit-review.googlesource.com/322296):
Disable auto flushing during offline Lucene indexing.
* [Change 322835](https://gerrit-review.googlesource.com/322835):
Use thread count specified on offline reindex command line.
Honor the `--threads` command line option when provided instead of
batchThreads property from `gerrit.config`.
* Gerrit migration performance improvements
* [Change 322436](https://gerrit-review.googlesource.com/322436):
Avoid creating loose objects in Schema 146.
* [Change 322295](https://gerrit-review.googlesource.com/322295):
Avoid creating loose objects in schema 167.
* [Change 322435](https://gerrit-review.googlesource.com/322435):
Fix schemas to use the appropriate ObjectInserter.
* [Change 321115](https://gerrit-review.googlesource.com/321115):
Update schemas 115,119 to create a desired initial commit.
* [Change 321075](https://gerrit-review.googlesource.com/321075):
Create initial commit in schema 146 only when necessary.
* [Change 322115](https://gerrit-review.googlesource.com/322115)
[Change 321496](https://gerrit-review.googlesource.com/321496)
[Change 321495](https://gerrit-review.googlesource.com/321495)
[Change 321135](https://gerrit-review.googlesource.com/321135)
[Change 320178](https://gerrit-review.googlesource.com/320178):
Avoid creating loose objects in schemas 115, 119, 124, 139, 144, and 154.
* [Change 320179](https://gerrit-review.googlesource.com/320179):
Parallelize inserts into accountPatchReviewDb in schema 127.
Reduce the migration time on large sites by parallelizing inserts
to accountPatchReviewDb. Default number of migration threads is equal
to number of CPUs or can be manually configured through system property
'schema127_threadcount'.
* [Change 320177](https://gerrit-review.googlesource.com/320177):
Make schema migraitons more efficient by listing repositories only once.
* [Change 321055](https://gerrit-review.googlesource.com/321055):
Update schemas 115,139,144 to ignore entries not in the 'accounts' table.
* [Change 302923](https://gerrit-review.googlesource.com/302923):
Warm PostgreSQL DB before migration.
* [Change 321635](https://gerrit-review.googlesource.com/c/gerrit/+/321635)
[Change 319997](https://gerrit-review.googlesource.com/c/gerrit/+/319997):
Parallelize schemas 108,130,131 which perform updates on each repository.
* [Issue 14097](https://gerrit-review.googlesource.com/14097):
Fix display the GC action on project commands for Gerrit in multi-site configuration.
* Bug Fixes
* [Issue 15262](https://crbug.com/gerrit/15262):
Prevent infinite loops with GWT UI and HTTP auth.
Prevent the legacy HTTP form used for redirection
with HTTP authentication from generating an invalid request
'?polygerrit=0login/' and going into an infinite login loop
'?polygerrit=0login/login/'.
* [Issue 14963](https://crbug.com/gerrit/14963):
Fix /access REST APIs returning incorrect rule when group is duplicated for same rule.
* [Change 323095](https://gerrit-review.googlesource.com/323095):
Add `--migrate-draft-to` flag on init doc.
* [Change 313561](https://gerrit-review.googlesource.com/313561):
Handle null account-ids when sending e-mails.
* [Change 313763](https://gerrit-review.googlesource.com/313763):
Make shuffling project slices optional in notedb migrator.
* [Change 302922](https://gerrit-review.googlesource.com/302922):
Make GC on repositories optional in notedb migrator.
* [Change 307602](https://gerrit-review.googlesource.com/c/gerrit/+/307602):
Fix NPE while accessing draft refs.
* [Change 307482](https://gerrit-review.googlesource.com/c/gerrit/+/307482):
EqualsLabelPredicate: fix bug that prevents matching owner votes.
* Dependency Updates
* Update JGit to 5.1.16.202106041830-r, which contains the following
improvements:
* [Change 180697](https://git.eclipse.org/r/180697):
BatchRefUpdate: Skip saving conflicting ref names and prefixes in memory.
* [Change 180559](https://git.eclipse.org/r/180559):
Avoid having to scan over ALL loose refs to determine if the name is nested
within or is a container of an existing reference.
### 2.16.27
* Bug Fixes
* [Issue 13786](https://bugs.chromium.org/p/gerrit/issues/detail?id=13786):
Update of user ssh key doesn't get replicated to slave.
* [Issue 13931](https://bugs.chromium.org/p/gerrit/issues/detail?id=13931):
Inline edit allows the modification of Change-Id across patch-sets.
* [Issue 14013](https://bugs.chromium.org/p/gerrit/issues/detail?id=14013):
Gerrit uses ReviewDb even when migrated to NoteDb.
### 2.16.26
* Security Fixes
* [Issue 13858](https://bugs.chromium.org/p/gerrit/issues/detail?id=13858)
[CVE-2021-22553](https://nvd.nist.gov/vuln/detail/CVE-2021-22553):
Fixed memory leak in Git-over-HTTP requests.
Unauthenticated users could exploit this problem in a Denial of Service attack,
causing the server to go out-of-memory.
* Dependency Updates
* Update JGit to 5.1.15.202012011955-r.
* Update testcontainers to 1.15.0.
### 2.16.25
* Security Fixes
* [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
[CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
APIs that should be locked down.
Gerrit had two components for determining if a Git ref is visible to a
user: `(Default)RefFilter` and `PermissionBackend#ForRef` (e.g.,
`RefControl`). The former was always capable of providing correct results
for all refs. The latter only had logic to decide if a Git ref is visible
according to the Gerrit `READ` permissions. This includes all refs under
`refs/heads` as well as any other ref that isn't a database ref or a Git
tag. This component was unaware of Git tags and notedb-related refs. Hence,
when asked for a database reference such as `refs/changes/xx/yyyyxx/meta`,
the logic would allow access if the user has `READ` permissions on any of
the ref prefixes (such as the default "read refs/* Anonymous Users").
That was problematic, because it bypassed
[documented behavior](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.25/access-control.html)
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
* [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
[CVE-2020-8920](https://nvd.nist.gov/vuln/detail/CVE-2020-8920):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
hiding refs based on the project's ACLs. There is however an optimization
that skips the filtering in case a user has `READ` permissions on every ACL
pattern(s). When the target repository is `All-Users`, the optimization
turns into a security issue because it allows seeing all personal information
associated with all accounts, i.e.:
* draft comments
* draft edits
* personally identifiable information (PII) of all users
* external ids
This fix now blocks Gitiles or any other part of Gerrit to abuse this power
when the target repository is `All-Users`, where nobody can be authorized
to skip the ACLs evaluation anyway.
### 2.16.24
This minor release has been withdrawn.
### 2.16.23
* NoteDb Migrator Fixes and Improvements
* Introduce a new option `--force-state-change-with-skip` in the
NoteDb migrator to force state change of the migration if projects are skipped.
* Introduce a new option `--verbose` in the
NoteDb migrator to display more information about the migration progress.
* Log the NoteDb migration progress every 1000 changes.
* Fix contention on single database connection which all migration threads were
competing for. Instead use one database connection per thread.
* Update noteDb status in chunks to avoid an excessive number of DB connections
is used.
* Use multiple threads per project for improving the performance when there are
a lot of changes per project. The impact is negligible on projects with a limited
number of changes.
* Ensure that all exceptions happening during the migration are properly logged.
* PolyGerrit UI Fixes
* [Issue 11706](https://bugs.chromium.org/p/gerrit/issues/detail?id=11706):
Enable the ability to modify the commit message as part of change in-line edit.
* [Issue 13328](https://bugs.chromium.org/p/gerrit/issues/detail?id=13328):
Project dashboard links stored in 'My' menu (GWT) lead to 'cannot load page' when
switched to PolyGerrit.
* [Issue 13350](https://bugs.chromium.org/p/gerrit/issues/detail?id=13350):
Cannot add group to (cc-)review if its UUID is not the internal one.
* Replication plugin Fixes
* [Issue 12769](https://bugs.chromium.org/p/gerrit/issues/detail?id=12769):
Pending replication events can delay the Gerrit startup for too long.
* Documentation Updates
* Introduce the
[documentation of Gerrit logs](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.23/logs.html)
format and the meaning of each field.
* Clarify [how to resolve common Bazel issues](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.23/dev-eclipse.html)
with Eclipse project generation.
* Document X-Forwarded-For header in the
[Gerrit reverse-proxy section](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.23/config-reverseproxy.html).
### 2.16.22
* Security Fixes
* [Issue 12846](https://bugs.chromium.org/p/gerrit/issues/detail?id=12846):
BadMessageException: 500: Response header too large.
[CVE-2019-17638](https://nvd.nist.gov/vuln/detail/CVE-2019-17638)
Bump Jetty version to 9.4.30.v20200611 to fix regression introduced in Jetty
version: 9.4.27.v20200227.
Response header overflow leads to buffer corruptions Jetty server always
allocates maximum response header size.
For more details see also upstream issues:
[Issue 4936](https://github.com/eclipse/jetty.project/issues/4936)
[Issue 4541](https://github.com/eclipse/jetty.project/issues/4541)
* Bug Fixes
* Use multiple threads per project when reindexing changes
To avoid idling threads during reindex operation, split the big projects
into smaller parts and let the thread pool index these parts.
* [Issue 13105](https://bugs.chromium.org/p/gerrit/issues/detail?id=13105):
Fix plugin builds on OSX
This fixes plugin stamping by adding overwrite files without prompting
option to unzip command.
* [Issue 12988](https://bugs.chromium.org/p/gerrit/issues/detail?id=12988):
Fix issue with auto registering ssh commands
AutoRegisterModules and PluginGuiceEnvironment checks if
ssh command implements org.apache.sshd.server.Command
interface. Correct interface name is org.apache.sshd.server.command.Command.
* [Issue 12935](https://bugs.chromium.org/p/gerrit/issues/detail?id=12935):
Avoid closing System.out after All-Users GC in NoteDB migration
By using try-with-resource wrappers around System.out for the garbage
collection of the `All-Users` repo, System.out got closed when the
wrappers got closed after the garbage collection. Due to the closed
System.out, the final status messages of the migration got swallowed
and did not make it to the screen.
* [Issue 12918](https://bugs.chromium.org/p/gerrit/issues/detail?id=12918):
Honor project watches also for changes created via cherry-pick
When a change was cherry-picked and a project watch expression from a
user matched the newly created change a notification email (because of
the project watch) was often not sent.
Change the default for the CherryPickInput.notify to ALL, the same like
in the CreateChangeInput.
* [Issue 12917](https://bugs.chromium.org/p/gerrit/issues/detail?id=12917):
Switching between changes fails and in-line edit returns HTTP status 404.
Switching between changes in a change series randomly fails.
Also, when adding a file to a change using in-line edit fails constantly
with an HTTP status 404.
### 2.16.21
* Security Fixes
* [Issue 12717](https://bugs.chromium.org/p/gerrit/issues/detail?id=12717):
Deny access over HTTP for disabled accounts.
A disabled account was still able to access over HTTP until the existing
session expired.
* Bug Fixes
* [Issue 11707](https://bugs.chromium.org/p/gerrit/issues/detail?id=11706):
Support `/COMMIT_MSG` for change edit REST endpoints.
### 2.16.20
* New Features
* Bazel: Add //tools/bzl:always_pass_test rule to avoid boilerplate for running tests during build.
* Bug Fixes
* [Issue 12844](https://bugs.chromium.org/p/gerrit/issues/detail?id=12844):
Trim and update Gerrit full name from the one stored in LDAP during login.
* PolyGerrit UI Fixes
* [Issue 12777](https://bugs.chromium.org/p/gerrit/issues/detail?id=12777):
Hide the "No Votes" notice for labels created and approved by prolog rules.
* Replication Plugin Fixes
* [Issue 12806](https://bugs.chromium.org/p/gerrit/issues/detail?id=12806):
Fix a regression where the project deletion was not propagated to the remote nodes.
### 2.16.19
* Breaking Changes
* Elasticsearch: Support for [EOL version 6.5](https://www.elastic.co/support/eol)
is discontinued.
* New Features
* Enable to run online noteDb migration using multiple threads.
The new configuration option
[`notedb.onlineMigrationThreads`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.19/config-gerrit.html#notedb.onlineMigrationThreads)
allows tuning the number of threads the migration can use.
This helps to speed up online migration at the expense of imposing a
higher load on the Gerrit server running at the same time.
* Add a new metric for monitoring Java deadlocks.
The metric `proc/jvm/thread/num_deadlocked_threads` monitors the number of
threads that are deadlocked waiting for object monitors or ownable synchronizers.
* Add support for Elasticsearch 7.7.
* End-to-end Tests Improvements
* Allow end-to-end tests to proportionally scale on their expected execution times.
A `power_factor` [environment property](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.19/dev-e2e-tests.html#_environment_properties)
was added to the end-to-end tests core framework. Using that optional property,
scenario steps can take some more (or less) time prior to expecting proper completion.
The way to set that property locally then depends on the target runtime environment,
or SUT latency. The property may be used for either core or plugin scenarios.
* `FlushProjectsCache` related scenarios added to core (and the `high-availability` plugin).
* Support for relative runtime weights in scenarios.
Each scenario can now either weight like any other by default, or override that default
with a greater weight value, compared to siblings that are lighter on execution times.
Beside core, make the `high-availability` and `multi-site` plugin scenarios reuse this.
* Allow scenarios to create and delete Gerrit changes alongside projects.
Add the corresponding core support for an optional `http` request body to every such
`GerritSimulation`. Either automate or allow [environment properties](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.19/dev-e2e-tests.html#_environment_properties)
to feed the related input test data.
Beside core, make the `high-availability` and `multi-site` plugin scenarios test changes
that way. The latter currently has [Issue 12693](https://bugs.chromium.org/p/gerrit/issues/detail?id=12693)
as a known limitation.
* Bug Fixes
* [Issue 12637](https://bugs.chromium.org/p/gerrit/issues/detail?id=12637):
Fix SQL connection timeout during migration to schema 146 and 154.
A full GC is run at the beginning of the migration, after every 100k
accounts, and at the end of the migration. Additionally, bitmap index
generation is disabled during the migration.
* [Issue 12606](https://bugs.chromium.org/p/gerrit/issues/detail?id=12606):
Fix `visibleto` predicate for groups.
If a group name was used in the `visibleto` predicate, changes were
not returned even if the group had permission to see them.
* [Issue 12747](https://bugs.chromium.org/p/gerrit/issues/detail?id=12747):
Fix change query visibility for internal user.
* [Issue 12755](https://bugs.chromium.org/p/gerrit/issues/detail?id=12755):
Block the removal of the Realm primary external ids.
It was possible to remove the email address associated with the primary
id of a Realm, effectively resulting in the account being removed.
* [Isssue 12786](https://bugs.chromium.org/p/gerrit/issues/detail?id=12786):
Fix wrong status returned when auth backend couldn't be reached.
The response 401 was returned when the auth backend could not be
reached, instead of the response 503.
* Fix internal server error on parsing commit message during receive commits.
* Add `autocomplete="off"` to LDAP login form.
Some security tools will flag the absence of the autocomplete flag as a
possible security issue, as it could allow for passwords to be saved and
automatically filled in on shared computers.
* [Issue 12646](https://bugs.chromium.org/p/gerrit/issues/detail?id=12646):
Fix incorrect highlighting of diffs in the GWT UI.
In some cases the highlighting was shown on an adjacent line rather than
on the line that was actually changed. This happened in both the side-by-side
and unified diff views in the GWT UI.
* [Issue 12667](https://bugs.chromium.org/p/gerrit/issues/detail?id=12667):
Fix unwanted expansion of common lines at the bottom of a diff in the GWT UI.
* Accept `--ownedby` as an alias of `--owned-by` in the groups REST API.
The option was incorrectly documented as `--ownedBy` which resulted in an
error "not a valid option" if anyone tried to use it.
The documentation is fixed, and `--ownedby` is added as an alias so that it
also works for anyone still referring to the old documentation.
* Fix various misuses of the Flogger API causing exception details to be omitted
in the log output.
Exceptions were not properly passed to the logger which would cause the
details to be omitted, or in some cases the message "ERROR: UNUSED LOG ARGUMENTS"
to be emitted.
* When a project migration fails in the migration to schema 169
* When an invalid PAPE response is received during OpenID authentication
* When a plugin config is invalid and cannot be loaded
* When an error occurs while migrating a change metadata entry to JSON
* When there is an unsupported charset in a patch text
* [Issue 12673](https://bugs.chromium.org/p/gerrit/issues/detail?id=12673):
Fix emitting debug logs while running tests.
* PolyGerrit UI Fixes
* [Issue 12707](https://bugs.chromium.org/p/gerrit/issues/detail?id=12707):
Apply diff preferences immediately after pressing "Save".
* [Issue 12690](https://bugs.chromium.org/p/gerrit/issues/detail?id=12690):
Only show the "Edit" button for open changes in the diff view.
* [Issue 12726](https://bugs.chromium.org/p/gerrit/issues/detail?id=12726):
Fix incorrect highlighting after `/` character in Javascript.
* [Issue 12775](https://bugs.chromium.org/p/gerrit/issues/detail?id=12775):
Fix parent of previous patch sets not being available.
* Replication Plugin Fixes
* [Issue 12678](https://bugs.chromium.org/p/gerrit/issues/detail?id=12678):
Fix missing replication Id in replication logs.
The migration to use Flogger in 2.16.17 caused a regression in the logging,
where the replication Id was omitted from the logs. This is fixed by reverting
back to slf4j logging for the replication log.
* [Issue 12719](https://bugs.chromium.org/p/gerrit/issues/detail?id=12719):
Fix `replication start --wait` to track in-flight collisions and to not fail.
* [Issue 12731](https://bugs.chromium.org/p/gerrit/issues/detail?id=12731):
Don't lose state when there's a pending push to the same ref.
If there was already a pending push (not an in-flight push) to the same endpoint,
the start for the push would be dropped when adding the push to the Destination.
This meant that a `replication start --wait` command would never complete when
one of its pushes was pending since its state would never receive the completion
notification for that push.
* [Issue 11745](https://bugs.chromium.org/p/gerrit/issues/detail?id=11745):
Fix firing pending "..all.." events on startup.
* [Issue 11760](https://bugs.chromium.org/p/gerrit/issues/detail?id=11760):
Make persistent task keys stable.
* Fix URL matching to match real URLs in addition to templated URLs.
* Log when skipping deletion of a ref when pushing to a remote in mirror mode.
* Improve logging of push failures caused by a lock failure on the remote.
* Improve logging of refs to be pushed.
* Library Upgrades
* Upgrade jackson-core to 2.11.0
* Upgrade jetty to 9.4.27.v20200227
* Upgrade testcontainers to 1.14.2
### 2.16.18
* Breaking Changes
* [Issue 12527](https://bugs.chromium.org/p/gerrit/issues/detail?id=12527):
Elasticsearch: Support for EOL versions v5.6 and v6.0 to v6.4 is discontinued
* Plugin API: Deprecated methods related to the draft workflow and change edits are removed
* `ChangeApi.getEdit()`
* `ChangeApi.publish()`
* `RevisionApi.delete()`
* `RevisionApi.publish()`
* Metrics: Cache disk stat metric computation is disabled by default
Calculation of the cache disks stat metrics for persistent caches is disabled
by default because it is a very expensive operation that can block a thread for
several minutes on larger installations.
Installations that still want to use this metric must explicitly enable it with the
[cache.enableDiskStatMetrics](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.18/config-gerrit.html#cache.enableDiskStatMetrics)
configuration option.
* New Features
* Make legacy version of the `commit-msg` hook available
Make the older version of the `commit-msg` hook from gerrit 2.15.x,
which does not use `git-intepret-trailers`, available from the site so that
users who have an older client can download it.
* Bug Fixes
* Fix handling of ambiguous name in `visibleto` search predicate
If the `visibleto` search predicate was used with a display name that
resolved to more than one account, the first account in the result was
arbitrarily used. Now, this case will result in an error.
* [Issue 11625](https://bugs.chromium.org/p/gerrit/issues/detail?id=11625):
Avoid multiple notifications for existing reviewers.
* PolyGerrit UI Fixes
* [Issue 12385](https://bugs.chromium.org/p/gerrit/issues/detail?id=12385):
Fix memory leak in `gr-plugin-endpoints`.
* Library Upgrades
* Upgrade rules_closure to forked version
This fixes the "-parameters is not supported for target value 1.7. Use 1.8 or later."
warning when building. See [PR 478](https://github.com/bazelbuild/rules_closure/pull/478).
* [Issue 12448](https://bugs.chromium.org/p/gerrit/issues/detail?id=12448):
Upgrade Guice to 4.2.3 and switch to using no-AOP Guice distribution
This allows to more easily support newer JDK versions.
* Upgrade asm to 7.2
* [Issue 14242](https://bugs.chromium.org/p/gerrit/issues/detail?id=12424):
Upgrade gwtjsonrpc to 1.12
This fixes email token verification failures caused by non-URL-encoded characters.
* Security Fixes
* [Issue 8952](https://bugs.chromium.org/p/gerrit/issues/detail?id=8952):
Do not require explicit "Push Tag" rights to `refs/tags/*` for pushing an annotated tag over HTTPS.
* Replication Plugin Fixes
* Improve logging of why a project or ref is not replicated.
### 2.16.17
* Breaking Changes
* The `LogThreshold` annotation is removed.
The default log level for tests has been changed from DEBUG to INFO,
and this annotation is no longer needed. It was originally introduced
to allow classes to explicitly set their log level at level other than
DEBUG.
Plugins that use this annotation must be adjusted.
* `EnumSet` replaced with `Set` in all plugin API
All the plugins API have been amended to avoid the use of concrete class
`EnumSet` in their method signatures. Source-level compatibility is preserved
because `Set` is a super-class of `EnumSet`. However, existing plugins would
fail with NoSuchMethodException unless they are rebuilt against the new APIs.
* New Features
* Add support for Elasticsearch 7.6.x.
* Include `upload-pack` metrics in the sshd log.
In order to enable detailed performance and problem analysis,
`upload-pack` metrics are now included in the sshd log.
* Add new configuration setting `core.packedGitUseStrongRefs`.
When set to true, this option enables using strong references to reference
packfile pages cached in the WindowCache. If this option is set Java gc can
no longer flush the WindowCache to free memory if the used heap comes close
to the maximum heap size. On the other hand this provides more predictable
performance.
* Add new configuration setting `sendemail.denyrcpt`.
This new setting works alongside the existing `sendemail.allowrcpt`, and
allows to configure email addresses or domains that Gerrit may not send to.
* Allow to format HTTP and SSH logs in JSON format.
When `log.jsonLogging` is enabled, the HTTP and SSH logs are formatted
as JSON, making it easier for them to be parsed. Note that the error log
was already formatted in JSON when this option was enabled.
* Add new metrics.
Metrics are added for:
* Jetty connections
* JGit WindowCache and total load time for block cache entries
* Available number of cores
* Average system load for the last minute
Refer to the metrics documentation for full details.
* [Issue 11493](https://bugs.chromium.org/p/gerrit/issues/detail?id=11493):
Add an "Edit" button to the diff view in the PolyGerrit UI.
* Add support for fsharp in highlighting syntax in the PolyGerrit UI.
* [Issue 12364](https://bugs.chromium.org/p/gerrit/issues/detail?id=12364):
Add support for going to a specific line number in the inline editor.
* Add prolog predicate to determine number of parents.
The new predicate `commit_parent_count` can be used to detect merge
commits.
* Add `NamedFluentLogger`
`NamedFluentLogger` is an extension to Flogger that allows to create
a logger with a given name rather than the name of the enclosing class.
* [Issue 12444](https://bugs.chromium.org/p/gerrit/issues/detail?id=12444):
Add support for `max_result_window` in Elasticsearch index configuration.
* Library Upgrades
* Upgrade jackson-core to 2.10.3.
* Upgrade Jetty to 9.4.24.v20191120, including a fix for supporting IPv6.
* Upgrade JGit to 5.1.13.202002110435-r.
* Security Fixes
* [Issue 12440](https://bugs.chromium.org/p/gerrit/issues/detail?id=12440):
Fix the access-path for AbstractGitCommand subclasses.
The access path for the Receive.currentUser in the receive-pack command
was wrongly set to SSH_COMMAND instead of to GIT.
This allowed project owners to force-update a ref using git-over-SSH
without having en explicit permission for that.
* Bug Fixes
* [Issue 11772](https://bugs.chromium.org/p/gerrit/issues/detail?id=11772):
Cancel deprecation of change identifiers that was planned since 2.16.
Since 2.16 the documentation of change identifiers states that the
identifiers other than `<project>~<numericid>` are deprecated and will
be removed in a future release. Since then the identifiers have still
not been removed and there is no clear plan to do so.
It is likely that "deprecated" identifiers are still used in links in
places where they can't be updated, for example in emails and forum
posts. Due to this, and since continuing to support all of the types
does not add any technical burden, ESC decided that the deprecation
should be cancelled.
The `change.api.allowedIdentifier` configuration setting is now
obsolete and has been removed.
* [Issue 3340](https://bugs.chromium.org/p/gerrit/issues/detail?id=3340):
Fix internal server errors when setting project access permission with bad regex.
* [Issue 10397](https://bugs.chromium.org/p/gerrit/issues/detail?id=10397):
Don't send notification email when publishing a change edit on a WIP change.
* Fix removal of stale metrics from the metrics registry.
* [Issue 12349](https://bugs.chromium.org/p/gerrit/issues/detail?id=12349):
Fix time attribute of file entries in plugin artifacts.
* Make assumption on number of query results explicit for change Id arguments.
When a change Id passed as argument was resolved to multiple changes,
the first returned change was arbitrarily used. Now an error will be raised
and logged.
* download-commands plugin: Set SSH default port to 22.
* [Issue 10248](https://bugs.chromium.org/p/gerrit/issues/detail?id=10248):
Allow direct upgrade from v2.14, adding `created_on` column if it doesn't exist.
* Document dependency from account deactivator to autoUpdateAccountActiveStatus
and log a warning if the account deactivation task is configured but will not
be scheduled.
* Modify draft comments generation so that, when removed, they to point to an
empty parent, so that `All-Users` can avoid size explosion.
* [Issue 12473](https://bugs.chromium.org/p/gerrit/issues/detail?id=12473):
Fix broken links in Elasticsearch configuration documentation.
* PolyGerrit UI Fixes
* [Issue 4616](https://bugs.chromium.org/p/gerrit/issues/detail?id=4616):
Open commentlinks to changes on the same server in the same tab.
* [Issue 12031](https://bugs.chromium.org/p/gerrit/issues/detail?id=12031):
Fix issues with caching edited commit message.
* Remove `target=_self` from commentlinks.
* Replication plugin fixes
* Add method to push changes directly to given replica; intended to be used
by other plugins that extend the replication plugin.
* Check nulls in firePendingEvents at startup.
After a sudden reboot (for unknown reason) Gerrit at startup couldn't
load because of NullPointerException.
* Change default for the `replicateOnStartup` to false.
* Don't lose `ref-updated` events on plugin restart.
When a `ref-updated` event is received, persist the event in the directory
defined by the `replication.eventsDirectory`. When the updated ref is
replicated delete the persisted event.
* Packaging Fixes
* [Issue 12355](https://bugs.chromium.org/p/gerrit/issues/detail?id=12355):
Do not overwirte /etc/default/gerritcodereview upon upgrade.
* Other Fixes
* Fix various minor coding issues reported by Error Prone and Sonar Lint.
* Reduce log spam of 'Repository not found' stack traces.
* [Issue 11953](https://bugs.chromium.org/p/gerrit/issues/detail?id=11953):
Reduce log spam during tests by reducing the default log level to INFO.
The log level can now be explicitly set by the `GERRIT_LOG_LEVEL` system
variable.
The `LogThreshold` annotation is removed.
### 2.16.16
* New Features
* Include request description in HTTP thread names.
The HTTP worker threads had generic names like `HTTP-100`, `HTTP-101`,
etc. While we could conclude from the stack trace what this thread was
doing, we missed some important information like repository name, user name,
etc.
The HTTP threads now have descriptive names. For example, if there is an
ongoing git-fetch operation we will see a thread named like:
`HTTP POST /a/myProject/git-upload-pack (johndoe from 10.87.75.169)`.
This makes the naming consistent with SSHD threads, which are named like:
`SSH git-upload-pack /myProject (johndoe)`.
* New metrics for Jetty threadpool.
The new metrics are exposed under `http/server/jetty/*`.
* Utility program to delete zombie draft comment refs.
Deletion of draft comment refs was broken until 2.16.14, resulting in
draft comment refs not getting deleted properly. Although it has been fixed,
it's still possible that zombie refs exist from previous versions. The
new site program `DeleteZombieCommentsRefs` can be used to remove them.
* Highlight `WORKSPACE` and `BUILD.bazel` files as Python in the PolyGerrit UI.
* Bug Fixes
* [Issue 12246](https://bugs.chromium.org/p/gerrit/issues/detail?id=12246):
Fix generation of duplicate ChangeIds when creating a new change via REST.
The `Change-Id` was computed from the commit content and the timestamp,
which resulted in the possibility for two changes to get the same `Change-Id`
when two empty changes were created by REST at the same time.
The `Change-Id` is now generated randomly.
* [Issue 12097](https://bugs.chromium.org/p/gerrit/issues/detail?id=12097):
Fix migration to NoteDb when orphan changes exist.
In the case where a change belonged to a repository that did not exist,
the migration failed.
* [Issue 12171](https://bugs.chromium.org/p/gerrit/issues/detail?id=12171):
Upgrade rules_closure to the latest version to fix build breakage.
[Maven Central now requires HTTPS](https://links.sonatype.com/central/501-https-required)
when downloading artifacts and returns "501 HTTPS Required" when a request
is done over plain HTTP. This caused the build of Gerrit to fail when done in
a completely clean environment because the version of rules_closure was still
using HTTP.
* [Issue 12243](https://bugs.chromium.org/p/gerrit/issues/detail?id=12243):
Fix unexpected deactivation of service user accounts.
* Fix editing name and email for service user accounts.
* Don't check for conflicting refs when deleting a ref; improve performance of
migration to schema 167.
The migration to schema 167 involves deletion of refs. The performance was
poor for large installations (for example 30k user refs and 20k groups)
because the ref deletion implementation was doing an unnecessary check for
conflicting refs.
* Fix setting `_moreChanges` to the wrong value in change query REST results.
* Upgrade highlight-js to get various fixes in source code highlighting:
* fix(makefile) fix double relevance for assignments
* (xml) expand and improve document type highlighting
* fix(kotlin): fix termination of """ string literals
* (cpp) Add additional keywords
* Backslash is not used to escape in strings in standard SQL
* (javascript) fix jsx self-closing tag issues
* enh(ini) support arrays and much cleaner grammar
* (javascript) support jsx fragments
* PolyGerrit UI Fixes
* [Issue 11980](https://bugs.chromium.org/p/gerrit/issues/detail?id=11980):
Fix handling of LDAP groups containing a dot in the PolyGerrit permissions screen.
* [Issue 12197](https://bugs.chromium.org/p/gerrit/issues/detail?id=12197):
Fix rendering of commentlinks using `link` in PolyGerrit UI.
* Add `MessageOfTheDay` entries to `ServerInfo`.
Messages registered to the `MessageOfTheDay` extension point are added to the
`ServerInfo`, which is fetched via REST API and displayed in a PolyGerrit UI
element.
* Other Changes
* Upgrade jackson-core dependency to 2.10.2
* Improve logging when a metadata update fails.
* Replace documentation of `gerrit.ui` with `gerrit.enableGwtUi`.
Since 2.16 the `gerrit.ui` setting is no longer recognized. PolyGerrit is the
default UI and this cannot be changed. The GWT UI can be enabled by setting
the `gerrit.enableGwtUi` flag; PolyGerrit is still the default but users may
switch to GWT if they prefer.
* Update [external Ids documentation](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.16/config-accounts.html#external-ids)
with information on how to find the sha1 of an external Id and how to show the
corresponding change note.
### 2.16.15
* New Features
* Include thread name in the HTTPD and SSHD logs.
Having thread name in the HTTPD and SSHD logs makes it easier to match entries
from the error log. The error log entries already contain the thread name, so
with the thread name included in each entry in the HTTPD and SSHD logs, we have
more data to match an error to a request than just the timestamp.
* Bug Fixes
* [Issue 12070](https://bugs.chromium.org/p/gerrit/issues/detail?id=12070):
Fix internal server error on git over HTTP calls when SSHD is enabled.
Double cleanup of the request context caused an internal server error on
push or fetch via git over HTTP.
### 2.16.14
* New Features
* [Issue 11973](https://bugs.chromium.org/p/gerrit/issues/detail?id=11973):
Add copy-to-clipboard for generated HTTP password.
* Add support for doctag in PolyGerrit UI syntax highlighter.
* Add an event interface in the PolyGerrit API.
* Add support for Elasticsearch 7.5.
* Add documentation of how to perform backups of Gerrit.
* Breaking Changes
* The default and minimum value of `execution.defaultThreadPoolSize` is
increased to 2.
* PolyGerrit UI Fixes
* [Issue 11993](https://bugs.chromium.org/p/gerrit/issues/detail?id=11993):
Stop loading fonts from external resources.
* [Issue 11984](https://bugs.chromium.org/p/gerrit/issues/detail?id=11984):
Fix top menu bar on iOS.
* [Issue 8282](https://bugs.chromium.org/p/gerrit/issues/detail?id=8282):
Avoid browser caching for diff on edit patch.
* [Issue 9444](https://bugs.chromium.org/p/gerrit/issues/detail?id=9444):
Fix syntax highlighting for multi-char char constants.
* [Issue 12020](https://bugs.chromium.org/p/gerrit/issues/detail?id=12020):
Fix 'New Contributor Agreement' screen.
* Fix `gr-syntax-params` css class.
* Fix overflow of branch name in change list.
* Other Fixes
* [Issue 7645](https://bugs.chromium.org/p/gerrit/issues/detail?id=7645):
Fix thread deadlock when loading accounts from the account cache.
Replacing Guava caches with Caffeine reduces the chances of having the
deadlocks and improves the cache performance.
* Disallow deleting the `refs/meta/config` branch via the 'Delete Branches'
REST API.
* Disallow deleting the `HEAD` ref via the 'Delete Branches' REST API.
* Allow empty base revision in the 'Create Branch' and 'Create Tag'
REST APIs.
* Fix deletion of draft comment refs.
In some situations, draft comment refs were not properly deleted
but left empty. This resulted in unused draft refs persisting in
the `All-Users` repository, polluting the namespace. Published draft
comments as well as deleted draft comments were kept in the history
of the draft ref, keeping them alive for GC, and causing a steady
increase of repository size.
* Use correct content type `text/plain` instead of `plain/text` in 'Create SSH Key'
REST API.
* Fix handling of interactive/batch users in the QoS filter.
For the git-over-http requests this filter didn't work properly because the
basic authentication happened later in the filter chain and at the moment when
the QoS filter was invoked the current user was not yet set.
* Add project name to headers of outgoing change emails.
* Fix and expand documentation of `ref-update` and `commit-received` hooks
in the hooks plugin.
* Upgrade gitiles blame-cache to 0.2-7.1.
* Upgrade jackson-core to 2.10.1.
### 2.16.13
* New features:
* Add a method on `ProjectConfig` to read from the repository.
Add a method that allows to read the config from the repository without
having to provide a `MetaDataUpdate` instance.
* New syntax highlighting files format supported.
Highlight Jinja2, Jenkinsfile, Soy and VHDL formats; associate cproj, xaml and
svg as xml.
* New `getConfig()` method in the PolyGerrit Plugin RestApi interface.
Make the PolyGerrit RestApi interface to retrieve the server config and to cache it,
accessible to plugins.
* Add "readOnly" endpoint parameter to repo-config endpoint in PolyGerrit Plugin RestApi.
* PolyGerrit UI Fixes
* Hide "HTTP Credentials" if auth is not `HTTP` or `HTTP_LDAP`.
* [Issue 11782](https://bugs.chromium.org/p/gerrit/issues/detail?id=11782):
Fix assignment of CSS style for CodeReview -1 labels within comments.
* [Issue 7083](https://bugs.chromium.org/p/gerrit/issues/detail?id=7083):
Stop query from executing if predicate is empty.
* [Issue 8513](https://bugs.chromium.org/p/gerrit/issues/detail?id=8513):
Add the SHA hash of each patchset in dropdown menu as it was in the old GWT UI.
* [Issue 11715](https://bugs.chromium.org/p/gerrit/issues/detail?id=11715):
Fix total additions/deletions counters when viewing diff against parent 1 on merge commit.
* [Issue 11682](https://bugs.chromium.org/p/gerrit/issues/detail?id=11682):
Fix some corner-cases in the diff view where the download file feature did not work for
added, renamed and deleted files.
* [Issue 10047](https://bugs.chromium.org/p/gerrit/issues/detail?id=10047):
Add shortcut to copy ssh-rsa public key.
* [Issue 7867](https://bugs.chromium.org/p/gerrit/issues/detail?id=7867):
Allow downloading the complete diff file as in the old GWT UI.
* Elasticsearch Updates:
* Add support for Elasticsearch 7.4.
* Update elasticsearch-rest-client to 7.4.2.
* Replication plugin Fixes
* [Issue 11573](https://bugs.chromium.org/p/gerrit/issues/detail?id=11573):
Fix dropping events during plugin restart.
* JGit Updates:
* Upgrade JGit to 5.1.12.201910011832-r.
This JGit version brings significant performance improvement in the case when
Gerrit loads all external-ids from NoteDb. This happens whenever the
external_ids_map cache gets invalidated or expires.
* Other Fixes
* [Issue 11246](https://bugs.chromium.org/p/gerrit/issues/detail?id=11246):
Fix login failures "email <> is already assigned to account <> ..." after upgrading to v2.16.
Fix a recurring issue after the migration of external ids from ReviewDb
to NoteDb failing with the error 'Email <> is already assigned to
account <>' and thus failing LDAP authentication.
* [Issue 9001](https://bugs.chromium.org/p/gerrit/issues/detail?id=9001):
Fix external-id consistency checker e-mail validation.
Do not enforce emails on external IDs to be globally unique but allow the same e-mail
repeated multiple times as long as it associated to the same account id.
* Fix change message when automatically abandoning a change for a project
that has been deleted.
The change message and the message tag were inverted.
* Fix commit message subject when updating project description by REST API.
The tense of the commit message subject was inconsistent with other similar
messages.
* Fix commit timestamp when updating project configurations.
For some REST API operations that update the project configuration, the
commit that does the update on `refs/meta/config` had the wrong timestamp.
Rather than being the time of the actual commit, it was always the time
of the server startup.
This was the case for the following operations:
- Updating the description.
- Setting the parent project.
- Updating group names while getting access settings.
* Upgrade jackson-core to 2.10.0.
This version includes a fix for [CVE-2019-12384](https://nvd.nist.gov/vuln/detail/CVE-2019-12384).
* Add more detailed debug logging when not sending an outgoing email.
There are several conditions that could cause sending of an outgoing
email to be skipped. These are now logged at debug level.
* Increase severity to error for logging of exceptions during site initialization.
* [Issue 4824](https://bugs.chromium.org/p/gerrit/issues/detail?id=4824):
Handle multiple `httpd.listenUrl` values.
Per the [documentation](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.13/config-gerrit.html#httpd.listenUrl),
multiple values are supported, but if multiple values were specified Gerrit
would fail to start.
* Do not overwrite `httpd.listenUrl` during init, until the input has been checked as valid.
Fix a bug where during the Gerrit init in interactive mode the input was
invalid for the HTTP daemon settings, but still written to the configuration file.
### 2.16.12
* New features
* [Issue 11356](https://bugs.chromium.org/p/gerrit/issues/detail?id=11356):
Allow to override auto-detected Lucene index configuration.
The new settings
[`index.name.maxMergeCount`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.12/config-gerrit.html#index.name.maxMergeCount),
[`index.name.maxThreadCount`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.12/config-gerrit.html#index.name.maxThreadCount) and
[`index.name.enableAutoIOThrottle`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.12/config-gerrit.html#index.name.enableAutoIOThrottle)
allow to manually configure the Lucene index, rather than using auto-detected
values, to improve performance.
* PolyGerrit UI Fixes
* Add "Delete Changes" permission to the access editor.
* Remove obsolete "Delete Drafts" and "View Drafts" permissions from the access editor.
* Use --header-text-color css variable for some classes in gr-main-header
* Elasticsearch Updates:
* Upgrade elasticsearch-rest-client to 7.3.2.
* Other fixes
* [Issue 11491](https://bugs.chromium.org/p/gerrit/issues/detail?id=11491):
Fix git clone/fetch/pull over SSH in high-latency network ending with SSH_MSG_CHANNEL_WINDOW_ADJUST error.
* [Issue 11442](https://bugs.chromium.org/p/gerrit/issues/detail?id=11442):
Fix push failing with internal server error sporadically when notedb.changes.read=True is configured.
* [Issue 11205](https://bugs.chromium.org/p/gerrit/issues/detail?id=11205):
Allow Gerrit admins to reindex a change even when Read access is not allowed on its target branch.
* [Issue 11444](https://bugs.chromium.org/p/gerrit/issues/detail?id=11444):
Fix the wrong progress output during online migration in error_log and use the correct charset conversion.
* Upgrade JGit to 5.1.11.201909031202-r.
This version includes a fix for racy atomic ref updates.
* Replication plugin Fixes
* [Issue 11145](https://bugs.chromium.org/p/gerrit/issues/detail?id=11145):
Drain replication queue before stopping the plugin.
* [Issue 11424](https://bugs.chromium.org/p/gerrit/issues/detail?id=11424):
Fix ReplicationTasksStorage exceptions in error_log when triggering replication of all refs.
* Singleusergroup plugin Fixes
* [Issue 11498](https://bugs.chromium.org/p/gerrit/issues/detail?id=11498):
Fix group resolution for all numeric usernames.
### 2.16.11.1
* **Breaking changes**
* [Issue 11216](https://bugs.chromium.org/p/gerrit/issues/detail?id=11216):
Remove hard-coded bug tracker URL and use configured value if present.
* Increase default number of SSHD threads to at least 4.
The default value of the `sshd.threads` setting is changed to be either two
times the number of available CPU cores, or 4, whichever is greater.
* New Features
* [Issue 11028](https://bugs.chromium.org/p/gerrit/issues/detail?id=11028):
Add support for "Link Another Identity" screen in PolyGerrit
* CommitApi: Add method to get commit info
* [Issue 10166](https://bugs.chromium.org/p/gerrit/issues/detail?id=10166):
Add shortcuts for dashboard and watched changes in PolyGerrit
* [Issue 11201](https://bugs.chromium.org/p/gerrit/issues/detail?id=11201):
Add ability to have custom label with a missing text value in PolyGerrit
* Add a PolyGerrit extension point to show a small banner next to the search bar.
A plugin or a site theme (gerrit-theme.html) may register a custom
Element to be inserted into this endpoint.
* Expose Gerrit's GWT client library in the plugin API
* [Issue 5791](https://bugs.chromium.org/p/gerrit/issues/detail?id=5791):
Add an extension point to allow setting a site banner.
* Add an extension point to allow custom site footers.
* Elasticsearch Updates:
* [Issue 11266](https://bugs.chromium.org/p/gerrit/issues/detail?id=11266):
Add support for Elasticsearch 6.8.
* [Issue 11267](https://bugs.chromium.org/p/gerrit/issues/detail?id=11267):
Add support for Elasticsearch 7.3.
* Update elasticsearch-rest-client to 7.3.1.
* PolyGerrit fixes
* [Issue 11350](https://bugs.chromium.org/p/gerrit/issues/detail?id=11350):
Upgrade highlight.js to latest master revision.
The upgrade solves a rendering bug of Kotlin nested substitutions.
* [Issue 10733](https://bugs.chromium.org/p/gerrit/issues/detail?id=10733):
Fix anchors not working at page load on settings page
* [Issue 10062](https://bugs.chromium.org/p/gerrit/issues/detail?id=10062):
Fix Polygerrit converting plus (+) to space when calling email.confirm API,
and then failing with "invalid token"
* [Issue 11096](https://bugs.chromium.org/p/gerrit/issues/detail?id=11096):
Fix page not opening after a couple of times switching between GWT and PolyGerrit UI.
* [Issue 11344](https://bugs.chromium.org/p/gerrit/issues/detail?id=11344):
Fix commentlink URL and HTML links when canonical URL includes a base link.
* Other fixes
* [Issue 11348](https://bugs.chromium.org/p/gerrit/issues/detail?id=11348):
Display on error_log the progress of the online migration from ReviewDb to NoteDb.
* [Issue 11083](https://bugs.chromium.org/p/gerrit/issues/detail?id=11083):
Set the correct new revision on change-merged events when submitting by push.
When multiple changes are submitted at the same time by push, the new revision
in all the change-merged events should be the revision of the head of the
destination branch after all changes are submitted.
* [Issue 11106](https://bugs.chromium.org/p/gerrit/issues/detail?id=11106):
Fix missing comment context for left side in email notifications.
* Adapt `gerrit.sh` script to work on Alpine Linux.
* Expose Gerrit's GWT client library in the plugin API.
* Add a new method on the commit API to get "included in" information.
* Add methods on the change API to get comments and draft comments as lists.
* Add back the oneByExternalId method on InternalAccountQuery.
This was removed in 2.16 but is added back so it can be used by plugins
and extensions.
* Make DefaultChangeReportFormatter extendible by plugins.
* Make the wording of the "Change Merged" email templates consistent between the
HTML and text versions.
* Add a `.gitreview` file.
For developers used to using the [git-review tool](https://pypi.org/project/git-review/)
for interacting with gerrit servers, it's necessary to have a `.gitreview` file
in the repo in question pointing to where the gerrit is.
* Reduce log spam of "setting reductionLimit" debug messages of the Prolog engine.
* [Issue 11325](https://bugs.chromium.org/p/gerrit/issues/detail?id=11325):
Do not update change set modified date on ReviewDb when a user delete all its draft changes.
* Fix rebase change REST API returned status code.
The rebase change REST API returned 422 Unprocessable Entity, instead of 500 Internal Server Error,
if the specified base change is missing.
* Fix detecting changes of parent trees when computing change kind for merge commit.
A new patch set of a merge change is considered as NO_CHANGE if the
commits have the same delta and trees. For merge commits this includes
comparing the trees of the parent commits.
* Catch all exceptions for reporting on Schema_130 migration and display the name of the project
that failed the migration.
* Fix and expand documentation of REST API to get revision files
* [Issue 11235](https://bugs.chromium.org/p/gerrit/issues/detail?id=11235):
Fix ls-user-refs reporting wrong results because it was not using the identity of the username given as parameter.
* [Issue 11222](https://bugs.chromium.org/p/gerrit/issues/detail?id=11222):
Skip receive.maxBatchCommits when skip-validation option is passed and a commit validator implements
shouldValidateAllCommits
* [Issue 10855](https://bugs.chromium.org/p/gerrit/issues/detail?id=10855):
Fix standalone GWT plugin builds failing because of a broken transitive load of GWT_PLUGIN_DEPS for in-tree plugin builds
* [Issue 11148](https://bugs.chromium.org/p/gerrit/issues/detail?id=11148):
Speedup online reindex migration by skipping evaluation of submit rules for closed changes.
* [Issue 11016](https://bugs.chromium.org/p/gerrit/issues/detail?id=11016):
Fix Gerrit slave site init leads to update failure on system_config caused by read-only transaction
* [Issue 11271](https://bugs.chromium.org/p/gerrit/issues/detail?id=11271):
Update rules_go to 0.18.6 for compatibility with Bazel 0.27.0
* Replication plugin Fixes
* [Issue 10852](https://bugs.chromium.org/p/gerrit/issues/detail?id=10852):
Fix stale replications caused by in-flight pushes not properly removed when failed.
* [Issue 11204](https://bugs.chromium.org/p/gerrit/issues/detail?id=11204):
Fix creation of missing repository when replicating to a Gerrit server over HTTP.
* [Issue 11175](https://bugs.chromium.org/p/gerrit/issues/detail?id=11175):
Introduce new ref-filtering extension point for preventing replication of outdated SHA1s,
mostly useful in a multi-site scenario to prevent split-brain.
* [Issue 11055](https://bugs.chromium.org/p/gerrit/issues/detail?id=11055):
Fix failure to start when re-triggering persisted events
* [Issue 11172](https://bugs.chromium.org/p/gerrit/issues/detail?id=11172):
Fix persisted event is removed before all replications to all nodes are completed.
* When replication plugin is stopped or reloaded, mark all the currently pending replications as cancelled.
* Allow to configure timeout for SSH connections and SSH commands.
The timeouts can be configured with `gerrit.sshConnectionTimeout` and
`gerrit.sshCommandTimeout`, respectively.
* Make more classes and fields public/protected to ease extensibility.
* Improve handling of remote repository creation failures.
* Reintroduce boolean return value of methods in AdminApi.
* Refactor AdminApiFactory to an interface with a default implementation that
gets bound as a dynamic item, which can be replaced by derived implementations.
* When rescheduling due to in-flight push also log the in-flight task ID.
### 2.16.10
* [Issue 11016](https://bugs.chromium.org/p/gerrit/issues/detail?id=11016):
Fix failure to initialize on slave.
* [Issue 10763](https://bugs.chromium.org/p/gerrit/issues/detail?id=10763):
Fix ACLs to allow regexes for tag and ref permissions.
The documentation states that reference names can also be described with
a regular expression by prefixing the reference name with `^`, but the UI
only showed the creation field when a non-regex name was used.
* [Issue 11082](https://bugs.chromium.org/p/gerrit/issues/detail?id=11082):
Close changes oldest first when submitting on push.
* [Issue 11059](https://bugs.chromium.org/p/gerrit/issues/detail?id=11059):
Fix setting `BLOCK` on partial label range in permissions.
* [Issue 10852](https://bugs.chromium.org/p/gerrit/issues/detail?id=10852):
Replication plugin: Fix scheduling starvation.
* [Issue 11110](https://bugs.chromium.org/p/gerrit/issues/detail?id=11110):
Do not swallow the exceptions that caused REST-API to return with a status >= 400.
* [Issue 11086](https://bugs.chromium.org/p/gerrit/issues/detail?id=11086):
When a WIP change is implicitly merged by direct push to the branch, its WIP
state is unset.
* Show submit button with tooltip when not allowed to submit.
The submit button was hidden when the user did not have permission to submit,
or other conditions prevented submit (for example the change being WIP).
* Allow commit validation listeners to ignore the `skip-validation` push option.
Gerrit allows certain users to skip validation of new commits by passing
the `skip-validation` push option.
A new method `shouldValidateAllCommits` is added on the
`CommitValidationListener`, to allow plugin implemented validators to
override this option and always be invoked for new commits. The new
method has a default implementation that returns `false` meaning that
existing implementations don't need to be modified and will behave the
same as before.
* Optimize commit and ref operation validation for non-ff push.
On a non-ff push all the commits were validated before the ref operation
was validated. On a push with many commits, validating all the commits is
wasteful in the case where the ref operation is rejected. The logic is
changed so that the ref operation validation is performed before the commit
validation.
* Disallow change index task duplication.
It was possible for multiple index tasks to be queued for the same change.
* Fix formatting issues and inconsistencies in soy email templates.
* Use URL Formatter interface to generate URL in outgoing emails.
* Fix error message when JRE is not found when starting Gerrit.
The error message recommended to check for a JRE ">= 1.7", but Gerrit requires
Java 8 minimum.
* Expose the `createProject` method of the `CreateProject` class to plugins.
This allows plugins to directly invoke the project creation, avoiding the
checks that are performed when invoking via the `apply` method.
* Expose the jsr305 library in the plugin API.
* PolyGerrit UI Fixes
* Only display 404 page on initial load.
* Don't reload when viewing dashboard.
* Fix hiding the HTTP password screen.
It was possible for the HTTP password to be un-hidden using CSS.
* Add an extension point to allow adding links to the user header.
* Add extension point to the footer so that users can add links to their
Privacy policy or Code of conduct.
* Fix dialog popup when going to /admin/create-project.
* Elasticsearch Fixes
* Support for Elasticsearch 7.2 and and upgrade elasticsearch-rest-client to 7.2.0.
* [Issue 10499](https://bugs.chromium.org/p/gerrit/issues/detail?id=10499):
Set default number of shards according to Elasticsearch version.
In Elasticsearch version 7.0 the default number of shards was reduced from
5 to 1.
See the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/getting-started-concepts.html#getting-started-shards-and-replicas)
for details.
### 2.16.9
* Improve performance of migration of accounts to schema 146.
* Migration of the accounts is parallelized. The default number of threads
used is the number of available processors. This can be customized using
the `threadcount` system property.
* Before the migration, `gc --prune=now` is executed.
* When hosted on `FileRepository`, refs are packed after migration of every
1000 accounts.
* A progress indicator counts every 100 accounts migrated.
* [Issue 10790](https://bugs.chromium.org/p/gerrit/issues/detail?id=10790):
Avoid evaluating submit rules twice for open changes.
Prolog submit rules were evaluated twice per page view for an open change,
which caused performance degradation on projects defining complex rules.
* [Issue 10943](https://bugs.chromium.org/p/gerrit/issues/detail?id=10943):
Set `References:` header on new change notification mail.
GMail changed the way
[emails are grouped in conversation view](https://gsuiteupdates.googleblog.com/2019/03/threading-changes-in-gmail-conversation-view.html),
which, combined with the fact that
[Amazon SES changes the `Message-ID` header](https://forums.aws.amazon.com/message.jspa?messageID=262855),
resulted in the new change notification email not being grouped with
subsequent emails related to the same change.
* [Issue 10896](https://bugs.chromium.org/p/gerrit/issues/detail?id=10896):
Fix eliding project name without slash in notification emails.
* [Issue 10920](https://bugs.chromium.org/p/gerrit/issues/detail?id=10920):
Fix commit date of initial empty commit when creating new project.
The commit date of the initial commit was the server start time, rather than
the date of the actual commit.
* [Issue 10952](https://bugs.chromium.org/p/gerrit/issues/detail?id=10952):
Fix definition of `PID` in `gerrit.sh`.
* Don't send "GPG keys added" notification when no GPG keys were added.
A GPG key update can include both addition and removal of GPG keys. The
notification email for addition of new keys was always sent, even if the
update only removed keys.
* Update email notifications on changing security related settings.
Email notifications are now sent when a GPG or SSH key is removed, and
when the HTTP password is deleted or changed.
An email notification is now always sent when an SSH key is added to an
account, even when it was added by an administrator.
These notifications allow to alert the user if their account is compromised
and keys or password are altered by the attacker.
* Remove explicit dependency on protobuf_java.
The protobuf_java library is now consumed from rules_closure.
* Add methods to generate and set the HTTP password on the accounts API.
* Don't send "GPG keys added" notification when no GPG keys were added.
A GPG key update can include both the addition and removal of GPG keys. The
notification email for the addition of new keys was always sent, even if the
update only removed keys.
* Add methods to generate and set the HTTP password on the accounts API.
* [Issue 10664](https://bugs.chromium.org/p/gerrit/issues/detail?id=10664):
Fix duplicate key detection when using MySQL for the patch review store.
Retrieve the error code number from the SQL exception to
correctly detect and ignore a duplicate key error.
* [Issue 10359](https://bugs.chromium.org/p/gerrit/issues/detail?id=10359):
LDAP: support servers that do not allow anonymous browsing.
Add `ldap.supportAnonymous` configuration setting in gerrit.config to support
servers that do not allow anonymous browsing. Default is true per standard and
best practice.
* Elasticsearch fixes
* [Issue 10496](https://bugs.chromium.org/p/gerrit/issues/detail?id=10496) and
[Issue 10844](https://bugs.chromium.org/p/gerrit/issues/detail?id=10884):
Fix usage of `include_type_name` in index creation.
* Add support for Elasticsearch 7.1.
* Upgrade elasticsearch-rest-client to 7.1.1.
* PolyGerrit UI fixes
* [Issue 11020](https://bugs.chromium.org/p/gerrit/issues/detail?id=11020):
Add syntax highlighting for mjs files.
* [Issue 10549](https://bugs.chromium.org/p/gerrit/issues/detail?id=10549):
Fix single tab indentation in PolyGerrit diff view.
* [Issue 9409](https://bugs.chromium.org/p/gerrit/issues/detail?id=9409):
Fix replacement of file content when navigating between files with `[` and `]`.
* Upgrade polymer-resin to 2.0.1.
* [Issue 10670](https://bugs.chromium.org/p/gerrit/issues/detail?id=10670):
Fix selection of merge base when navigating between merge commit changes.
When navigating between merge commit changes, the selection of the merge base was not persisted.
* Hide overflowing author element content.
In the case of vertical stacking Unicode characters, it was possible for
the text to overflow out of the element and into other details on the
review page.
That is a partial fix for the problem described in
[issue 10795](https://bugs.chromium.org/p/gerrit/issues/detail?id=10795).
* [Issue 10744](https://bugs.chromium.org/p/gerrit/issues/detail?id=10744):
Fix display of "Show More" after change screen reloaded.
* [Issue 10757](https://bugs.chromium.org/p/gerrit/issues/detail?id=10757):
Fix handling of "Automatically mark viewed files reviewed" preference.
Files were automatically marked as reviewed even when the setting was
disabled.
* [Issue 10549](https://bugs.chromium.org/p/gerrit/issues/detail?id=10549):
Fix single tab indentation in diff view.
* Use dom-if instead of CSS when hiding the user's password in the element
`gr-http-password`, to prevent users from using CSS to reshow the
password screen.
* Hide project-aware top menus from the header.
* Upgrade highlightjs for syntax highlighting fixes:
- Treat `False`, `None` and `True` as literals in python.
- Fully support C++11 raw strings in cpp.
* Core plugins
* Replication plugin: Fix internal server error when username or password not
specified for remote.
The username and password are both optional, but the replication plugin
failed with a null pointer exception if either of them was omitted.
* codemirror-plugin: upgraded to the latest revision on master, which includes
the following fixes and improvements:
- Bazel: Fix lint warning flagged by buildifier
- Add .mailmap
- Remove CodeMirror modes that are not supported at Google
* Documentation updates
* [Issue 10897](https://bugs.chromium.org/p/gerrit/issues/detail?id=10897):
Update links to Google individual and corporate CLA pages.
* Clarify that account must have a username to be able to set HTTP password.
* Fix formatting in project config documentation.
### 2.16.8
* [Issue 10695](https://bugs.chromium.org/p/gerrit/issues/detail?id=10695):
Upgrade JGit to 5.1.7.201904200442-r to fix regression in packfile list
handling.
If `core.trustfolderstat` was set to `false`, an infinite loop could occur
when an object was not found in the packfile.
* Add support for Elasticsearch 6.7.x and 7.0.x.
The elasticsearch-rest-client is upgraded to 7.0.0.
* Don't abort auto-abandoning if one change failed.
When failing to query a single change during auto-abandoning, the whole
process was aborted. Now the failure is logged and the process continues
to attempt to abandon subsequent changes.
* [Issue 10693](https://bugs.chromium.org/p/gerrit/issues/detail?id=10693):
Avoid empty item in list of conflicting files on cherry-picking a change.
* Fix leak of temp files during merge operations.
`TemporaryBuffer` instances created during merge operations could leave
undeleted temporary files in the file system.
* Improve logging of invalid schedule values, and clarify documentation.
When a schedule value, for example `gc.startTime` or `gc.interval`, was
configured, the error message in the log was not helpful. This is now
improved to include more information about what was wrong.
Additionally, the documentation is updated to clarify that the hour
value in times must be zero-padded.
* Install `AddKeyHtml.soy` template example during installation.
The installation of this template into `$site_path/etc/mail` was
omitted.
* Upgrade Flogger to version 0.4.
* Upgrade metrics-core to 4.0.5.
* Upgrade protobuf-java to 3.7.1.
* PolyGerrit Fixes
* [Issue 10696](https://bugs.chromium.org/p/gerrit/issues/detail?id=10696):
Increase autocomplete limit for repo inheritance in access page to 50.
* [Issue 10703](https://bugs.chromium.org/p/gerrit/issues/detail?id=10703):
Highlight Starlark files as Python.
* Do not show the HTTP credentials screen when auth type is not HTTP.
### 2.16.7
#### New Features
* [Issue 5728](https://bugs.chromium.org/p/gerrit/issues/detail?id=5728):
Add support for cherry-picking changes with merge conflicts in PolyGerrit.
* [Issue 8081](https://bugs.chromium.org/p/gerrit/issues/detail?id=8081):
Add support for "Show Relative Dates in Changes Table" preference in PolyGerrit.
* [Issue 8838](https://bugs.chromium.org/p/gerrit/issues/detail?id=8838):
Add support for "Default Base For Merges" preference in PolyGerrit.
#### Bug fixes
##### PolyGerrit
* [Issue 9851](https://bugs.chromium.org/p/gerrit/issues/detail?id=9851):
Fix avatars not showing correctly.
* [Issue 8495](https://bugs.chromium.org/p/gerrit/issues/detail?id=8495):
Do not show "Patch file" if change does not have a parent.
* [Issue 10494](https://bugs.chromium.org/p/gerrit/issues/detail?id=10494):
Fix display of change creation screen on mobile devices.
* [Issue 8678](https://bugs.chromium.org/p/gerrit/issues/detail?id=8678):
Fix setting "Automatically mark viewed files reviewed" in user preferences.
* [Issue 10586](https://bugs.chromium.org/p/gerrit/issues/detail?id=10586):
Fix syntax highlighting for Verilog/SystemVerilog.
* Fix that an endpoint cannot be used by two plugins anymore.
'name' does not exist on the plugin object, so the _initializedPlugins map
would store undefined=>true for the first plugin and then not allow any
further plugins.
For example the change-view-integration could not be used by buildbucket and
tricium anymore.
* [Issue 10587](https://bugs.chromium.org/p/gerrit/issues/detail?id=10587):
Fix setting group visibility.
##### Other Fixes
* [Issue 10562](https://bugs.chromium.org/p/gerrit/issues/detail?id=10562):
Upgrade JGit to 5.1.6.201903130242-r to fix corruption of packfile
list due to concurrent access during GC.
See [JGit issue 544199](https://bugs.eclipse.org/bugs/show_bug.cgi?id=544199)
for details.
* [Issue 10591](https://bugs.chromium.org/p/gerrit/issues/detail?id=10591):
Fix account and group query with Elasticsearch 6.
The wrong document type was used in the request URL, causing the query to
return no results.
* [Issue 7192](https://bugs.chromium.org/p/gerrit/issues/detail?id=7192):
Strip trailing slashes from name when creating repository.
* [Issue 10568](https://bugs.chromium.org/p/gerrit/issues/detail?id=10568):
Add `is:submittable` to search suggestions.
* [Issue 10600](https://bugs.chromium.org/p/gerrit/issues/detail?id=10600):
Fix `commit-msg` hook to abort commit when commit message is empty.
* Allow the `@LogThreshold` annotation to be inherited.
* Fix documentation of hashtag: search predicate.
The documentation incorrectly stated that the search was an exact match.
### 2.16.6
#### New features
* New configuration option: `gerrit.primaryWeblinkName`.
The new configuration option allows to specify the name of the link the UI
should use when multiple weblink providers are available but only one single
link may be shown on the UI.
* New configuration option: `gerrit.listProjectsFromIndex`.
The new configuration option allows restoring the legacy behavior of using
the in-memory cache for rendering the list of projects. When set to true
the list of projects is rendered using the secondary index and thus is limited
by the queryLimits.
By default is set to false, the in-memory cache is used as an engine for listing
and thus returns all the projects without limits.
#### PolyGerrit UI changes
* Gitiles change-weblink with default weblink name ("browse") is now inline.
If available a weblink that links to a code-browser is displayed inline
on the change screen. Previously weblinks were only considered links to
code-browsers if their name was one of "gitweb","gitiles". Weblinks with
name "browse" are now also considered to be links to code-browsers and are
displayed inline (href of current patchset and parent SHA1s) unless gitweb
is available and configured as gerrit.primaryWeblinkName.
#### Plugins API
* New annotation @LogThreshold for setting a logging level during the execution
of the tests. By default is set to DEBUG for backward compatibility.
#### Bug fixes
##### PolyGerrit
* [Issue 10467](https://bugs.chromium.org/p/gerrit/issues/detail?id=10467):
Fix hard-coded title for mark reviewed/unreviewed button.
The button title was always "Mark as reviewed" even when the change was
already marked as reviewed.
* [Issue 10155](https://bugs.chromium.org/p/gerrit/issues/detail?id=10155):
Exclude WIP changes from 'Assigned Changes' dashboard.
* [Issue 10415](https://bugs.chromium.org/p/gerrit/issues/detail?id=10415):
Fix replacement of project name placeholder in download command.
* [Issue 9911](https://bugs.chromium.org/p/gerrit/issues/detail?id=9911):
Add dependency on resemblejs.
* [Issue 10344](https://bugs.chromium.org/p/gerrit/issues/detail?id=10344):
Fix faulty relative URLs for change weblinks.
* [Issue 10355](https://bugs.chromium.org/p/gerrit/issues/detail?id=10355):
Show all change-weblinks considered "code browser" weblinks.
* [Issue 10505](https://bugs.chromium.org/p/gerrit/issues/detail?id=10505):
Show border at 72 chars for commit messages in side-by-side view.
* Fix error in plugin loading.
* Fix support for xml syntax highlighting.
* Add commit container gr endpoint for plugins.
* Fix missing `</section>` in gr-settings-view.
##### Other Fixes
* [Issue 10512](https://bugs.chromium.org/p/gerrit/issues/detail?id=10512):
Include project name in change URL in `Reviewed-on:` footer in commit message.
* [Issue 10500](https://bugs.chromium.org/p/gerrit/issues/detail?id=10500):
Fix injection of `UrlFormatter` in plugins.
In version 2.16.1 the binding of the `UrlFormatter` interface was changed to
use `DynamicItem`, but several classes were still injecting it directly. As a
result, when such a class got injected in a plugin, the plugin would fail to load.
It was also not possible for a plugin to provide an alternative implementation of
`UrlFormatter`, and the `DefaultChangeReportFormatter` always used the
`DefaultUrlFormatter`.
* [Issue 10488](https://bugs.chromium.org/p/gerrit/issues/detail?id=10488):
Fix listing of GPG public keys.
The GPG public keys were truncated in the output of the GPG key REST API
endpoints.
* Fix authentication for LFS over SSH.
* Add logging of prolog rule reduction limits.
The configured values of `rules.reductionLimit` and `rules.compileLimit`
are logged at INFO level at server startup, and the effective value applied
to a predicate is logged at DEBUG level.
* Improve error message when JRE cannot be found during site start.
* Suggest `--no-edit` option when `Change-Id` line is missing.
When the `Change-Id` is missing, the commit can be amended without
editing.
* Fix `commit-msg` hook to not add a Change-Id when `gerrit.createChangeId`
is disabled.
* Upgrade elasticsearch-rest-client to 6.6.1.
### 2.16.5
#### New features
Allow searching for projects by parent project name, using the 'parent:foo' search operator in the query string.
See the [projects search operator documentation](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.5/user-search-projects.html#search-operators)
for more details.
#### Dependency Updates
* [Issue 10024](https://bugs.chromium.org/p/gerrit/issues/detail?id=10024): Upgrade Jetty to 9.4.14.v20181114
This version fixes a bug that prevents the go-import plugin from working
* [Issue 10279](https://bugs.chromium.org/p/gerrit/issues/detail?id=10279): Upgrade highlight.js to 9.14.0
This version fixes highlighting when Dart's string interpolation feature is used.
#### Fixes
##### PolyGerrit
* Add warning that Javascript is required to use PolyGerrit.
* [Issue 10366](https://bugs.chromium.org/p/gerrit/issues/detail?id=10366):
Fix loading topics that have unusual characters.
* [Issue 10415](https://bugs.chromium.org/p/gerrit/issues/detail?id=10415):
Fix project name in the download-commands screen
* [Issue 4614](https://bugs.chromium.org/p/gerrit/issues/detail?id=4614):
Add "verilog" and "SystemVerilog" to the mime list, enabling syntax highlighting.
* [Issue 10309](https://bugs.chromium.org/p/gerrit/issues/detail?id=10309):
Support for setting max/min value for "Query Limit" and "Batch Changes" on the project's access screen.
##### API Changes
* Add a method to get revision votes on the revision API.
* [Issue 10380](https://bugs.chromium.org/p/gerrit/issues/detail?id=10380):
Use project index to render change list on GWT UI.
__NOTE__: As a consequence of this change, the [list projects REST-API](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.5/rest-api-projects.html#list-projects)
and project list screen on GWT UI will be subject to the same [queryLimit capability settings](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.5/access-control.html#capability_queryLimit)
as in the PolyGerrit UI. The same limit applies to the [gerrit ls-projects](https://gerrit-documentation.storage.googleapis.com/Documentation/2.16.5/cmd-ls-projects.html) command.
* [Issue 10382](https://bugs.chromium.org/p/gerrit/issues/detail?id=10382)
DefaultMemoryCacheModule/DefaultMemoryCacheFactory are exported again in plugin API.
* [Issue 10401](https://bugs.chromium.org/p/gerrit/issues/detail?id=10401):
Reimplement the project children API on top of the projects secondary index, which requires
a significantly less amount of heap and CPU.
#### Other fixes
* Add support for Elasticsearch 6.6.
### 2.16.4
#### Reindex for projects, accounts and groups indexes.
Gerrit 2.16.4 includes a fix to the projects, accounts, and groups secondary indexes.
It is very unusual for Gerrit to require a reindex inside a point release.
However, this is an exception because it is the only solution to fix the list sorting
[Issue 10210](https://bugs.chromium.org/p/gerrit/issues/detail?id=10210) reported on PolyGerrit.
The reindex of projects, accounts and groups can be performed either offline or online.
For the offline reindex, make sure that Gerrit is not active and run the following commands:
``` sh
java -jar gerrit.war reindex --index projects -d ${site_path}
java -jar gerrit.war reindex --index groups -d ${site_path}
java -jar gerrit.war reindex --index accounts -d ${site_path}
```
The online reindex does not require any commands: upgrade the gerrit.war
and restart Gerrit.
**NOTE**: The online reindex for projects may take quite a long time and
require a substantial amount of heap memory to run. During the reindex operation,
Gerrit performance may be sluggish and, even after the reindex is complete,
it would take quite some time for the memory to be released.
It is thus recommended to perform the offline reindex, to avoid impacting the
server performance at startup and after the reindex is complete.
#### Fixes
##### PolyGerrit
* [Issue 8740](https://bugs.chromium.org/p/gerrit/issues/detail?id=8740):
Disable deps.js requests in the index template to fix page load delay.
* [Issue 10371](https://bugs.chromium.org/p/gerrit/issues/detail?id=10371):
Fix an issue where a saved edit would always restore the same content
in subsequent edits of the same file, due to the cache not being erased.
* [Issue 9909](https://bugs.chromium.org/p/gerrit/issues/detail?id=9909):
Do not crash PolyGerrit UI if permitted labels array is empty
* [Issue 10324](https://bugs.chromium.org/p/gerrit/issues/detail?id=10324):
Allow plugins (e.g. delete-project) to control the cache invalidation
and display new content immediately without refreshing the page.
* Fix broken links in gr-icons.html.
* [Issue 7669](https://bugs.chromium.org/p/gerrit/issues/detail?id=7669),
[Issue 9614](https://bugs.chromium.org/p/gerrit/issues/detail?id=9614):
Fix '/' getting typed in search bar when pressed.
* [Issue 10151](https://bugs.chromium.org/p/gerrit/issues/detail?id=10151):
[Issue 10019](https://bugs.chromium.org/p/gerrit/issues/detail?id=10019):
Fix the "delete" button visibility to allow branch deletion.
* [Issue 10317](https://bugs.chromium.org/p/gerrit/issues/detail?id=10317):
Don't show "Same Topic" for only one change.
When there is only one change in the topic, it doesn't add any value
to show the "Same Topic" tab/section because it will always only include
the currently viewed change.
The query used to get the changes is modified to exclude the current
change. This means that the "Same Topic" tab/section now only shows other
changes in the same topic, but never the current change.
#### Other fixes
* [Issue 10326](https://bugs.chromium.org/p/gerrit/issues/detail?id=10326):
Fix excessive heap and CPU usage when listing projects.
* Create the `.git/hooks` folder in download commands.
* Add method to get related changes in the Changes API.
* Add method to get edit details in the Change Edit API.
The new method allows to set the base revision, and request to include the
files and download commands.
* Add `--skip-project` option to the `MigrateToNoteDb` command.
This is useful when only a few projects should be skipped but all others
should be migrated.
### 2.16.3
* [Issue 10262](https://bugs.chromium.org/p/gerrit/issues/detail?id=10262):
Upgrade JGit to 5.1.5.201812261915-r to fix validation of `wants` in
`git-upload-pack` for protocol v0 stateless transports.
AdvertiseRefsHook was not called for `git-upload-pack` in protocol v0
stateless transports, meaning that `wants` were not validated and
a user could fetch anything that is pointed to by any ref (using fetch-by-sha1),
as long as they could guess the object name.
* [Issue 10242](https://bugs.chromium.org/p/gerrit/issues/detail?id=10242):
Fix regression that allows a user's account to be taken over when multiple
authentication providers are in use.
A regression introduced in 2.14.7 allowed a user's account to be taken
over by creating an account on a different provider with exactly the same
username as the existing Gerrit account.
* [Issue 10082](https://bugs.chromium.org/p/gerrit/issues/detail?id=10082):
Decouple online reindex activation from index module.
Plugins were not loaded before online indexing was triggered, resulting
in plugin-contributed submit rules not being evaluated during indexing.
Online reindex activation is now decoupled from the index module and
thus postpones the triggering of online reindexing until after loading
of the plugins.
* Evict group caches on group creation.
If a group was created after a previous cache miss for its name, Id,
or UUID, the cache also did not return the group if it is called
immediately after the group was created.
* [Issue 10240](https://bugs.chromium.org/p/gerrit/issues/detail?id=10240):
Fix internal server error when cloning a repository from Gerrit slave.
* Improve error handling if comment note is too large during schema migration.
During migration to schema 169, comments in NoteDb are migrated to json.
If loading the blob for a comment note failed due to being too large (in
excess of a hard-coded 25MB limit), the migration would fail.
The hard-coded limit is now removed. It is still possible that the migration
can fail if the blob is excessively large, but the logging of such a
failure is improved so that the change that failed can be tracked down.
* [Issue 4278](https://bugs.chromium.org/p/gerrit/issues/detail?id=4278):
Fix wrong code snippet in email notifications.
* Upgrade jackson-core to 2.9.8.
[Version 2.9.8](https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8)
includes several bug fixes, including security fixes.
* Upgrade elasticsearch-rest-client to 6.5.4.
* [Issue 10263](https://bugs.chromium.org/p/gerrit/issues/detail?id=10263):
Include edit ref in `EditInfo` element returned by the edit API.
It was not possible for users of the Java API to get the edit ref.
* Export the project indexer in the plugin API.
* [Issue 10260](https://bugs.chromium.org/p/gerrit/issues/detail?id=10260):
Replication plugin: Fix auto-replay of stored events during config reload.
* Add a new method on the account API to set the account name.
* Add new methods on the project API to get/set the project's `HEAD`.
#### PolyGerrit
* [Issue 9410](https://bugs.chromium.org/p/gerrit/issues/detail?id=9410):
Add the GWT hash separator to the GWT url.
* Merge top menu items contributed by plugins.
Each plugin contributes a list single of menus, which are expected
to be merged in existing top menu entries if they already exist. This
was implemented in the GWT UI, but not in PolyGerrit.
* [Issue 10267](https://bugs.chromium.org/p/gerrit/issues/detail?id=10267):
Add support for several more MIME types in syntax highlighting.
Support is added for: powershell, xquery, cmake, coffeescript, crystal, diff,
django, dockerfile, ebnf, elm, erlang, fortran, groovy, haml, haxe, ini, julia,
latex, less, mathematica, nginx, nsis, postgresql, q, scss, scheme, excel, tcl,
twig, vb, vbscript.
* [Issue 10137](https://bugs.chromium.org/p/gerrit/issues/detail?id=10137):
Fix alignment of the "By User" column on the group audit screen.
### 2.16.2
* __SECURITY__ [Issue 10201](https://bugs.chromium.org/p/gerrit/issues/detail?id=10201):
Remove support for Git protocol v2, because of a security vulnerability discovered
The JGit implementation of protocol V2 does not invoke the
advertiseRefsHook on fetch and ls-refs, which results in all
refs being sent, regardless of the configured ACLs.
* [Issue 9024](https://bugs.chromium.org/p/gerrit/issues/detail?id=9024):
Fix setting `PRIVATE` and `WIP` for updated changes in console report.
In some cases the private and work-in-progress status indicator for
changes updated by push was shown incorrectly.
* [Issue 10564](https://bugs.chromium.org/p/gerrit/issues/detail?id=10564):
Fix case-insensitive searching of hashtags.
The index field has always been stored lowercase, since we intended
hashtag searches to be case-insensitive. However, we never converted the
input string to lower case, with the unexpected result that searching
for `hashtag:ACamelCaseTag` would not return results for changes who
contain that exact hashtag.
* [Issue 10112](https://bugs.chromium.org/p/gerrit/issues/detail?id=10112):
Upgrade rules_closure to make Gerrit buildable with the latest Bazel version.
* [Issue 9781](https://bugs.chromium.org/p/gerrit/issues/detail?id=9781):
Fix full ACL evaluation for LDAP groups.
The LDAP groups have been historically filtered by relevance to
the Gerrit ACLs. However, that optimization has the side effect
of blocking users to access legitimate projects if they are
temporarily not cached in memory.
Allow to disable the LDAP filtering optimization for having always
a 100% consistent ACL evaluation, regardless of the project's cache
status.
* Upgrade elasticsearch-rest-client to 6.5.3.
* Discontinue support for Elasticsearch 2.4.
* Add preliminary support for Elasticsearch 7.
Support for Elasticsearch 7 is added, and tested against the `alpha1`
release.
* Add a new method on the account API to set the account name.
### 2.16.1
* [Issue 10018](https://bugs.chromium.org/p/gerrit/issues/detail?id=10018):
Fix failure to upgrade schema when migrating from 2.13.
* [Issue 10038](https://bugs.chromium.org/p/gerrit/issues/detail?id=10038):
Add support for Elasticsearch 6.5.
* [Issue 10052](https://bugs.chromium.org/p/gerrit/issues/detail?id=10052):
Fix invalid requests to Elasticsearch.
* [Issue 10021](https://bugs.chromium.org/p/gerrit/issues/detail?id=10021):
Security - Disallow create project to execute arbitrary code on the client
by quoting and encoding project names.
* Fix incorrect json in the example for the 'Set Access' REST endpoint.
* [Issue 10143](https://bugs.chromium.org/p/gerrit/issues/detail?id=10143):
Fix internal server error when running the `kill` command.
* [Issue 9768](https://bugs.chromium.org/p/gerrit/issues/detail?id=9768):
Explicitly set the number of shards and replicas for Elasticsearch, and
allow them to be configured.
From Elasticsearch version 7 the default number of shards per node
will be changed from 5 to 1.
The number of shards and number of replicas are now explicitly set when
creating the index.
The new settings `elasticsearch.numberOfShards` and `elasticsearch.numberOfReplicas`
allow the values to be configured. The default values are 5 and 1,
respectively, which is the same as the default values used by Elasticsearch
prior to version 7.
* Discontinue support for Elasticsearch 2.4.
* Add preliminary support for Elasticsearch 7.
Support for Elasticsearch 7 is added, and tested against the `alpha1`
release.
* Fix internal server error when listing reviewers of a change with reviewers by email.
Reviewers by email don't have an account ID but formatting reviewers as
JSON tried to get account IDs of all reviewers. This failed when the
change had any reviewers by email.
* Do not create index on `account_group_members` table in postgres database.
The `account_group_members` table was deleted, but the postgres
setup still tried to create an index on it, which prevented a new
site from starting up.
* Don't serve PolyGerrit UI when running in headless mode.
* Don't serve static resources when running in slave mode.
* Fix assignee's status on the change screen.
The assignee field's status showed the change owner's status text.
* Add missing documentation of the 'Read As' capability.
#### Breaking changes
* [Change-Id: I3752456](https://gerrit-review.googlesource.com/c/gerrit/+/205682) Use dynamic binding for `UrlFormatter`.
The `UrlFormatter` interface had a fixed binding to its default
implementation, which meant it was not possible for plugins to
provide a different implementation but were merely injecting it
when needed
It is now possible to replace the default implementation using
a DynamicItem<UrlFormatter> which requires a change in how it is
injected and used in plugins.