Google Git
Sign in
gerrit / homepage / 50584f9e69bfb95efc63fa1245620a0f80cdb6f5 / . / pages / site / releases / 3.6.md
blob: 6b7dd02ea8fe8d72a6e34768313cd448877db931 [file] [log] [blame] [view]
---
title: "Gerrit 3.6.0"
permalink: 3.6.html
hide_sidebar: true
hide_navtoggle: true
toc: true
---
Download: **[3.6.8](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.8.war)**
| [3.6.7](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.7.war)
| [3.6.6](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.6.war)
| [3.6.5](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.5.war)
| [3.6.4](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.4.war)
| [3.6.3](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.3.war)
| [3.6.2](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.2.war)
| [3.6.1](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.1.war)
| [3.6.0](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.0.war)
Documentation: **[3.6.8](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.8/index.html)**
| [3.6.7](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.7/index.html)
| [3.6.6](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.6/index.html)
| [3.6.5](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.5/index.html)
| [3.6.4](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.4/index.html)
| [3.6.3](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.3/index.html)
| [3.6.2](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.2/index.html)
| [3.6.1](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.1/index.html)
| [3.6.0](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.0/index.html)
## Release highlights
Gerrit 3.6 is fully compatible with Java 17 LTS.
### Submit Requirements
Gerrit deprecates the use of Prolog for definition of custom logic in the submit rules. From this version
onwards the rules can be expressed using the new concept of [Submit Requirements](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.0/config-submit-requirements.html).
Submit Requirements have several advantages, compared to the legacy Prolog rules:
- Easier to understand, defined through simple boolean expressions using a
higher-level change search predicates and common boolean operator.
- Lower footprint: they do not require backtracking in their evaluation,
consuming less CPU cycles.
- Richer GUI: makes it easy for reviewers and change owners to identify and
understand missing requirements.
Existing projects relying on Prolog will still work as expected, allowing a
smoother project transition.
Submit requirements also introduce new handy functions that allow to achieve
complex rules equivalent to the old Prolog rules but with an easier syntax:
- support checking on content modifications and file diffs with the `file:`
operator.
- `distinctvoters` predicate allows gating submission on N distinct voters
across more than one label.
- `authoremail` operator similar to the older `commit_author` Prolog predicate
- `message` predicate to support regular expression on the commit message as a
condition.
> **NOTE**: With the new submit requirements, submit records are no longer emitted.
> This means that any queries with the label formats (`label:Code-Review=NEED` or `label:Code-Review=OK`) will
> no longer match with changes. See more details in [Change 330203](https://gerrit-review.googlesource.com/330203).
## Important notes
### Schema and index changes
This release doesn't formally contain schema changes, however the NoteDb format has
evolved and includes the following amendments:
- [Change 324937](https://gerrit-review.googlesource.com/c/gerrit/+/324937):
The label in NoteDb has a UUID suffix
- [Change 323897](https://gerrit-review.googlesource.com/c/gerrit/+/323897):
The review score is only read from the latest patch-set
> NOTE: Because of the above incompatibilities, upgrade is supported only from
> Gerrit v3.5.2 onwards, because of the need of the extra `copy-approvals` tool
> and the backward compatibility fix on UUID suffixed labels.
> Failing to run the `copy-approvals` tool in v3.5.2 would leave the changes
> with a potentially stale approval score once the site is migrated to v3.6.
The `changes` index version has been increased to version 77. By default the
index is automatically rebuilt upon the Gerrit startup after the
upgrade.
### Offline upgrade
Upgrade to [Gerrit v3.5.2](../3.5.html#352) or later and make sure that the `copy-approvals`
site program has been run at least once.
```sh
java -jar gerrit.war copy-approvals -d site_path
```
Download the [Gerrit v3.6.0 war](https://gerrit-releases.storage.googleapis.com/gerrit-3.6.0.war) and
run the `init` program:
```sh
java -jar gerrit-3.6.0.war init -d site_path
```
Run offline reindexing of the changes:
```sh
java -jar gerrit.war reindex --index changes -d site_path
```
### Online upgrade with zero-downtime
Gerrit v3.6.x supports zero-downtime upgrade from Gerrit v3.5.2 or later when
configured using a [high-availability configuration](https://gerrit.googlesource.com/plugins/high-availability/+/refs/heads/master/README.md),
and the Git repositories are stored in a shared filesystem such as NFS or
similar.
During the zero-downtime upgrade, Gerrit end-users would not notice any outage
or service disruption. They will be able to perform any read/write Gerrit
operation on the GUI or using using any API.
The zero-downtime upgrade consists of the following steps:
1. Have Gerrit servers running v3.5.2 or later, in high-availability
configuration, healthy and able to handle the incoming traffic properly.
2. Run the `copy-approvals` SSH command against one of the Gerrit servers
and wait for completion on all changes for all projects.
3. Set the Gerrit server unhealthy.
4. Shutdown the Gerrit server, update gerrit.war and plugins to v3.6.x and start
Gerrit again.
5. Verify that the Gerrit server is working properly (e.g. run automated smoke
tests) and then make it healthy again.
6. Wait for the Gerrit server to start serving traffic normally.
7. Repeat steps 3. to 6. for all the other Gerrit servers.
### Update gerrit.reportBugUrl configuration
The issues of the Gerrit Code Review project have been migrated from
Monorail into the new Gerrit Tracker, see announcement at:
https://groups.google.com/g/repo-discuss/c/F4havFh_Bvw/m/D5MsV17yAgAJ
If the [gerrit.reportBugUrl](https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#gerrit.reportBugUrl)
setting on your Gerrit server is pointing to the Gerrit Monorail project, which
is deprecated now, please update the URL to point to the new Gerrit Tracker,
e.g. change https://bugs.chromium.org/p/gerrit/issues/entry?template=Bug+Report
to https://issues.gerritcodereview.com/issues/new.
### Breaking changes
* The __ignore__ feature is completely removed from Gerrit's web app; the `ignore`
and `unignore` actions and the associated `is:ignored` predicate are not supported
anymore.
Gerrit has the attention set feature since v3.4. If you want to ignore a change,
then you can remove yourself from the attention set or the list of reviewers/ccs.
That makes it also clearer to your collaborators that you don't want to participate.
The legacy __ignore__ feature did not have any effect on the user's dashboard or
attention set but was limited to the execution of the `is:ignored` predicate.
On Google hosted Gerrit the feature is used by about 5 users per week.
20% of __ignore__ action clicks were accidental.
* [Change 321607](https://gerrit-review.googlesource.com/321607):
_Assignee_ feature is completely removed from the Gerrit UI
The Attention Set feature has been launched in Gerrit v3.3, and assignee
has been turned off by default for three releases. The feature is now completely
removed and cannot be enabled anymore by config.
* [Project Owners implicit delete reference permission has been removed](https://gerrit-review.googlesource.com/c/gerrit/+/304054).
Before this release all Project Owners had implicit delete permission to all
refs unless force-push was blocked for the user.
Admins that are relying on previous behavior or wish to maintain it for their
users can simply add the permission explicitly in All-Projects:
```ini
[access "refs/*"]
delete = Project Owners
```
> **NOTE**: If you choose to do so, blocking force-push no longer has any effect
> on permission to delete refs by means other than git (REST, UI).
* Support for CentOS is dropped and the base image replaced by AlmaLinux
RedHat anticipated the [EOL of CentOS to December 2021](https://blog.centos.org/2020/12/future-is-centos-stream/) making
hard for the Gerrit community to continue to support existing Docker setups on
CentOS.
The default base image now uses [AlmaLinux 8](https://almalinux.org/)
which promises to have a much longer life as open-source OS and has an easy
[migration tool from CentOS 8](https://github.com/AlmaLinux/almalinux-deploy)
available.
* Apache Commons Lang v2 is removed
Gerrit moved to [Apache Commons Lang v3](https://commons.apache.org/proper/commons-lang/) replacing all legacy
use of the older lang v2 from its dependencies. Existing plugins and scripts
that are using Apache Commons Lang v2 must be rebuilt to use the new library
or declare the older Apache Commons Lang v2 as an explicit dependency.
### Other changes
## Plugin changes
* [Change 331259](https://gerrit-review.googlesource.com/331259):
Deprecate the `registerStyleModule()` JS plugin API
* [Change 330403](https://gerrit-review.googlesource.com/330403):
Support validation options for branch creation to be used in
RefOperationValidationListener implemented in plugins.
* [Change 330200](https://gerrit-review.googlesource.com/330200):
Add support for specifying validation options in rebase and cherry-pick REST
endpoint and implemented in plugins.
* Upgrade to gitiles v1.0.0
## Gerrit UI changes
* [Change 324242](https://gerrit-review.googlesource.com/324242):
Add syntax highlighting for Markdown
Reuse and enable highlight.js syntax highlighting of Markdown files.
* [Issue 15715](https://crbug.com/gerrit/15715):
Fix the editing workflow in the web app
* [Change 330301](https://gerrit-review.googlesource.com/330301):
Adding tab navigation for hovercards
* [Change 330919](https://gerrit-review.googlesource.com/330919):
Show Change actions regardless if logged in or not, because the
gr-change-actions correctly hides the actions that the current user cannot do.
* [Change 333299](https://gerrit-review.googlesource.com/333299):
Remove the front-end metric `diffViewFullyLoaded` replaced by `diffViewDiplayed`
to represent highlighting a whole file.
* [Change 330204](https://gerrit-review.googlesource.com/330204):
Adds changes and dashboard link to account hovercard.
* [Change 330084](https://gerrit-review.googlesource.com/330084):
__Status__ field renamed to __About me__ and no icon is shown.
## Documentation changes
* [Change 331879](https://gerrit-review.googlesource.com/331879):
Fixed links in the [Plugin Lifecycle doc](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.0/dev-plugins-lifecycle.html)
and improved its discoverability
## End-to-End tests changes
New test properties are available in the [End-to-End](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.0/dev-e2e-tests.html#_environment_properties)
tests:
- com.google.gerrit.scenarios.project_prefix
- com.google.gerrit.scenarios.context_path
- com.google.gerrit.scenarios.replica_hostname
- com.google.gerrit.scenarios.username
## JGit changes
* Update jgit to v6.1.0.202203080745-r
release notes:
[6.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.0.0)
[6.1](https://projects.eclipse.org/projects/technology.jgit/releases/6.1.0)
most important changes since 5.13:
- [push] support the "matching" RefSpecs ":" and "+:"
- IndexDiff: use tree filter also for SubmoduleWalk
- Describe: add support for core.abbrev config option
- PersonIdent: Add ctors that accept Instant in addition to Date
- Cap describe abbrev option, minimum is 4, maximum is length of a full ObjectId
- DescribeCommand: Add support for --abbrev=0
- DescribeCommand: Support configuring the hash abbreviation
- PushCommand: determine remote from git config if not given
- PushCommand: consider push.default when no RefSpecs are given
- Support for git config push.default
- Support for "lfs.url" from ".lfsconfig"
- Support LFS Server URL without .git suffix
- [rebase] Enable users to have a Change-ID be generated when squashing or rewording commits.
- RepoCommand: Add API to set extra files in the destination repository
- RebaseCommand: better commit message rewording. Respect git config commit.cleanup for rewording.
- CommitCommand: implement git commit --cleanup.
- Provide git config commit.cleanup
- sshd: support the ConnectTimeout ssh config
- sshd: Skip unknown keys from the SSH agent
- sshd: support the AddKeysToAgent ssh config
- sshd: handle "IdentityAgent SSH_AUTH_SOCK" in ssh config
- sshd: Connector for the Win32-OpenSSH SSH agent
- sshd: handle IdentitiesOnly with an SSH agent
- shd: support IdentityAgent config
- Add config reader for user-defined difftools
- Add command line support for "git difftool"
- Transport: load all refs only if push refspecs have wildcards
- UploadPack v2 protocol: Stop negotiation for orphan refs
- PackBitmapIndexV1: support parallel loading of reverse index
- RefDirectory.scanRef: Re-use file existence check done in snapshot creation
- FileSnapshot: Lazy load file store attributes cache
- Support commit.template git config option
- ssh: Handle "ProxyJump none" from SSH config file
- OpenSshConfigFile: update handling of line comments and quoted strings following changes in OpenSSH
- OpenSshConfigFile: update token replacements. It appears that the OpenSSH documentation has changed; it now allows more flags for a number of keys.
- [sshd agent] Introduce ConnectorDescriptor
- sshd: add support for ssh-agent
- Binary and CR-LF detection: conclude file is binary if it contains a lone CR like C git
- Make the buffer size for text/binary detection configurable
- GarbageCollectCommand: add numberOfBitmaps to statistics
- Don't block in GC#gc until garbage collection finished
- Let ObjectDatabase implement AutoClosable
- Optimize RevWalk.getMergedInto() to improve performance
- improve how git system config is found
- Bump minimum required Java version to 11
- [checkout] Use .gitattributes from the commit to be checked out
- [push] Call the pre-push hook later in the push process
- Prevent that an instance of PushCommand is reused
- Stop initCause throwing in readAdvertisedRefs
- Make sure to close Repository in tests
- Fix resource leak in CancellableDigestOutputStreamTest
- RebaseCommand: fix commit message in "fixup" case
- BinaryHunkInputStream: accept CR-LF
- Merge conflict messages: prefix conflict lines with a hash
- ObjectWalk: close ObjectReader on close() if needed
- LFS: Fix error occurring during delete branch
- sshd: backport upstream fix for SSHD-1231
- Use FileSnapshot without using configs for FileBasedConfig
- TreeRevFilter: fix wrong stop when the given path disappears
- storage: file: De-duplicate File.exists()+File.isFile()
- Fix checkout of files with mixed line endings on text=auto eol=crlf
- Fix missing peel-part in lsRefsV2 for loose annotated tags
- Fix RevWalk.getMergedInto() ignoring annotated tags
- Reftable: close old Db in FileRepository#convertToPackedRefs
- Reftable: Reload the stack _before_ trying to delete the files. This ensures we don't trip over our own open file handles when deleting compacted tables.
- Reftable: drop code for truncated reads
- Reftable: pass on invalid object ID in conversion
## Other dependency changes
* Update sshd to 2.8.0
The highlights of SSHD update from Gerrit's perspective are:
- [SSHD-1216](https://issues.apache.org/jira/browse/SSHD-1216):
Server-side implementation of the RFC 8332 server-sig-algs
extension: the server announces that it prefers the SHA-2 signatures
for RSA keys.
- [SSHD-1197](https://issues.apache.org/jira/browse/SSHD-1197):
A race condition in key exchange fixed.
- [SSHD-1163](https://issues.apache.org/jira/browse/SSHD-1163):
DH group exchange got a fix relating to RSA SHA-2 signatures.
Additionally, sshd 2.8.0 now supports (and prefers) the
chacha20-poly1305@openssh.com cipher [SSHD-1017](https://issues.apache.org/jira/browse/SSHD-1017),
and supports the curve25519 and curve448 KEX algorithms [SSHD-704](https://issues.apache.org/jira/browse/SSHD-704).
* Update codemirror-minified to 5.65.0
* Update highlight.js to 11.5.0
* Update rules_nodejs version to 5.1.0
* Update rules_go version to 0.30
* Update protobuf version to 3.19.4
## Other core changes
* [Change 334747](https://gerrit-review.googlesource.com/334747):
Fixed missing return type in e2e-tests
* [Change 334557](https://gerrit-review.googlesource.com/334557):
Make the computing of the diff cache thread-safe.
The computation previously failed with a zlib exception that was logged as if
the packfile was corrupt even though it wasn't.
* [Change 333706](https://gerrit-review.googlesource.com/333706):
Added support for 'is:<VALUE>' in approval copy condition queries to make arbitrary voting values sticky
* [Change 332139](https://gerrit-review.googlesource.com/332139):
Stop adding project-owners to `To:` of the emails for new changes.
## Bugfix releases
### 3.6.8
* New Features
* [Change 377699](https://gerrit-review.googlesource.com/c/gerrit/+/377699):
Allow generating safe local-only documentation, without reference to external fonts in CSS
* [Change 390658](https://gerrit-review.googlesource.com/c/gerrit/+/390658):
Allow disable Prolog rules evaluation on closed changes
* [Change 390614](https://gerrit-review.googlesource.com/c/gerrit/+/390614):
Allow uploading changes to group refs except changes to group files
* [Change 389055](https://gerrit-review.googlesource.com/c/gerrit/+/389055):
Allow operator aliases to be used in submit requirement expressions
* [Change 387435](https://gerrit-review.googlesource.com/c/gerrit/+/387435):
Persisted caches now honors `refreshAfterWrite` and `maxAge` settings in `gerrit.config`
* [Change 386974](https://gerrit-review.googlesource.com/c/gerrit/+/386974):
SSH set-reviewers cmd now handles lock failures with retries
* Performance Fixes
* [Change 376094](https://gerrit-review.googlesource.com/c/gerrit/+/376094):
Introduce new cache `changes_by_project` to speedup git ref advertisements on replica and git-receive-pack on primary
* [Change 377814](https://gerrit-review.googlesource.com/c/gerrit/+/377814):
Skip building bloom filters by default speeding up offline reindex
* Security Fixes
* [Change 389374](https://gerrit-review.googlesource.com/c/gerrit/+/389374):
Update Jetty to 9.4.53.v20231009 with critical security fixes [CVE-2023-36478](https://nvd.nist.gov/vuln/detail/CVE-2023-36478) and [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)
* Bug Fixes
* [Issue 40014568](https://issues.gerritcodereview.com/issues/40014568):
Fix ref-updated stream events consistency for change edits
* [Issue 304335624](https://issues.gerritcodereview.com/issues/304335624):
Fix the changing preferred email resulting in duplicate emails set in cache
* [Change 388054](https://gerrit-review.googlesource.com/c/gerrit/+/388054):
Eliminated startup warning for plugins whose SshModule only provides Ssh\*CommandInterceptors
* [Change 387217](https://gerrit-review.googlesource.com/c/gerrit/+/387217):
Fixed case where an exception in change visibility checking could break visibility of all refs in that repo
* [Change 387055](https://gerrit-review.googlesource.com/c/gerrit/+/387055):
Fix SSH set-topic cmd to consider 'editTopicName' permission
* [Issue 291102119](https://issues.gerritcodereview.com/issues/291102119)
Avoid NullPointerException when deleting a single ref
* [Change 387216](https://gerrit-review.googlesource.com/c/gerrit/+/387216):
Fixed potential OOM due to SubmitRuleEvaluator creating new metrics whenever an instance was created
* [Change 387214](https://gerrit-review.googlesource.com/c/gerrit/+/387214):
Fixed potential OOM due to DefaultRefFilter creating new metrics whenever an instance was created
* [Change 386976](https://gerrit-review.googlesource.com/c/gerrit/+/386976):
Fixed potential OOM due to \*QueryProcessor classes creating new metrics whenever an instance was provided
* [Issue 300976121](https://issues.gerritcodereview.com/issues/300976121):
Fix NPE when `auth.httpDisplaynameHeader` is configured but header is unset
* [Change 387054](https://gerrit-review.googlesource.com/c/gerrit/+/387054):
Fix `force topic edit` permission to consider change owner rule
* [Change 386994](https://gerrit-review.googlesource.com/c/gerrit/+/386994):
Fixed InactiveAccountDisconnector NPE due to race condition
* [Issue 295457464](https://issues.gerritcodereview.com/issues/295457464):
Fixed SSH query not returning copied approvals on per patchset level
* Documentation Fixes
* [Change 391858](https://gerrit-review.googlesource.com/c/gerrit/+/391858):
Document `ChecksApi.updateResult()` in PolyGerrit plugins checks API
* [Change 391696](https://gerrit-review.googlesource.com/c/gerrit/+/391696):
Document `check-result-expanded` plugin endpoint in PolyGerrit plugins checks API
* [Change 388936](https://gerrit-review.googlesource.com/c/gerrit/+/388936):
Explain in ls-projects SSH API when the "parent" field is "?-N"
* [Change 388530](https://gerrit-review.googlesource.com/c/gerrit/+/388530):
Explain in /projects/ REST API when the "parent" field is "?-N"
* Replication Plugin Updates
* [Change 384754](https://gerrit-review.googlesource.com/c/plugins/replication/+/384754):
Avoid opportunity to inadvertently block the distributor
* [Change 383694](https://gerrit-review.googlesource.com/c/plugins/replication/+/383694):
Reduced log level for Task deletion errors in MP setups
* Dependency Updates
* Update jgit to 82e277c813398c9f519f16e83d080a94fa29a27c
* Native Packaging
* [Issue 311414905](https://issues.gerritcodereview.com/issues/311414905):
Add trailing slash in default `canonicalWebUrl` in Docker containers
### 3.6.7
* New Features
* [Change 385116](https://gerrit-review.googlesource.com/c/gerrit/+/385116):
Support Cloud Spanner for AccountPatchReviewStore
* Bug Fixes
* [Change 385557](https://gerrit-review.googlesource.com/c/gerrit/+/385557):
Remove warning on persisted_projects cache on multi-servers setups
The implementation of the key for persisted_project includes the
project version, therefore it is safe when used in a multi-servers
scenarios (HA, multi-site).
* [Change 380154](https://gerrit-review.googlesource.com/c/gerrit/+/380154):
Documentation: NOTE on use of sshkeys, and \*projects cache on clusters
When using the sshkeys, and \*projects caches on a cluster, warn
the Gerrit admin he should be aware of those caches to be potentially
stale. The problem can be minimised by either disabling them
altogether or setting a low value of refreshAfterWrite.
* [Change 384214](https://gerrit-review.googlesource.com/c/gerrit/+/384214):
Align Jetty session timeout with Gerrit web_sessions maxAge
Do not leave Jetty having sessions kept forever but expire
them with the same timeout of Gerrit sessions.
Verified E2E that the Jetty sessions expires with the same
timeout of the web_sessions maxAge value.
* [Issue 290225204](https://issues.gerritcodereview.com/issues/290225204):
loginUrl and loginText are hardcoded in the UI
Gerrit UI ignored the settings in the auth section of the
configuration [1].
In particular auth.loginUrl [2] should be used if present and
auth.type is set to HTTP or HTTP_LDAP.
Also auth.loginText [3] should be used if auth.loginUrl is set.
This change backports change 381534 to stable-3.6. We didn't cherry-pick because the code changes significantly and had many conflicts.
[1]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth
[2]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth.loginUrl
[3]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth.loginText
* [Issue 291102119](https://issues.gerritcodereview.com/issues/291102119):
Avoid NullPointerException when deleting multiple tags
To avoid NPE make sure that ref is not read again after checking if
ref exists. This prevent the issue when other call already removed
the tag and we try to read it. Proper behaviour is to try to delete it
and return `Cannot delete refs/tags/...: LOCK_FAILURE` if tag is already
deleted.
* [Issue 289505276](https://issues.gerritcodereview.com/issues/289505276):
Fix for: change can't be submitted if another branch contains exactly the same commit.
* [Change 380694](https://gerrit-review.googlesource.com/c/gerrit/+/380694):
Hide Move Change from UI if change.move is set to false
* [Issue 290641654](https://issues.gerritcodereview.com/issues/290641654):
Fix bug in API '/projects/*/access:review' ignoring 'message' field
Fix API endpoint 'CreateAccessChange' '/projects/*/access:review'
not hounouring 'message' field provided via 'ProjectAccessInput' object despite setting it.
Add condition to check if message is provided then use it instead of default 'Review access change'
* Plugin Updates
* [Change 383360](https://gerrit-review.googlesource.com/c/gerrit/+/383360):
Update webhooks plugin to 1dc0a71883
This includes the following changes:
1dc0a71 Add HTTP response code 'SC_ACCEPTED' (202) as success case in response handler
16110f3 Annotate methods that return a definitely null value with @Nullable
and fixes:
[Issue 40015349](https://issues.gerritcodereview.com/issues/40015349) "plugins/webhooks doesn't accept HTTP 202 response code"
### 3.6.6
* Breaking changes
* [Issue 40015585](https://issues.gerritcodereview.com/issues/40015585):
Enhance metric name sanitize function to remove collision on '_' between metrics.
Collision between the sanitized metric names can be easily
created e.g. `foo_bar` will collide with `foo+bar`. In order
to avoid collisions keep the rules about slashes and replace not
supported chars with `_0x[HEX CODE]_` string. The replacement prefix
`0x` is prepended with another replacement prefix.
* New Features
* [Issue 287484350](https://issues.gerritcodereview.com/issues/287484350):
Extend configurability of index pagination type
Add NONE option to disable index backend pagination, this option
needs to be honoured by the indexing backend and this change introduces
the correct implementation for Lucene.
* Bug Fixes
* [Issue 40014502](https://issues.gerritcodereview.com/issues/40014502):
Fix JdkObsolete issues with Date caused by JGit's PersonIdent class not supporting Instant
Gerrit has quite a lot of usages of JGit's PersonIdent class. PersonIdent
currently doesn't support Instant, but requires a java.util.Date as input.
This fix updates PersonIdent in JGit to support Instants (offer constructors
that accept Instant + add a getter that returns Instant), Upgrade JGit in Gerrit,
Fix Gerrit's usages of PersonIdent to use the new constructors and getters.
* [Change 376334](https://gerrit-review.googlesource.com/c/gerrit/+/376334):
Fix ExternalId differential loading when cache is inconsistent
JGit may return a failure to update a repository, even if it actually
succeeded. This can create an issue when loading externalIds, since
we would retry to insert the same value into the cache twice,
due to the retry performed by the client, leading the cache
loader to consistently blow up.
* [Change 347316](https://gerrit-review.googlesource.com/c/gerrit/+/347316):
Fix Bazel build on Apple M2 ARM64 chip
Bazel fails to select the correct java-tools binaries for Apple's ARM64
chip and download the generic x86. This fix disable the download
of the pre-compiled java_tools, allowing Bazel to build them
locally using the correct architecture.
* [Change 373186](https://gerrit-review.googlesource.com/c/gerrit/+/373186):
Turn on JavaUtilDate bug pattern and fix related issues
Upcoming Bazel release 5.0 includes recent error prone release that
flags JavaUtilDate bug pattern. Demote the severity to warning to not
block Bazel upgrade and promote it to error severity again, when all
places were adapted.
* [Change 357634](https://gerrit-review.googlesource.com/c/gerrit/+/357634):
Fix parsing legacy labels for users with comma
This change fixes a bug introduced by [336883](https://gerrit-review.googlesource.com/c/gerrit/+/336883)
when parsing labels where a UUID was present together with a user name containing a comma.
* [Issue 289321387](https://issues.gerritcodereview.com/issues/289321387):
Preserve refs order in the GitBatchRefUpdateEvent event
[Change 335758](https://gerrit-review.googlesource.com/c/gerrit/+/335758)
introduced the concept of the single event representing batch ref update.
However this new event did not preserve original order of the updated refs.
This impacts event consumers behaviour and can cause failures. For example
if meta ref is processed before patchset ref indexing operation will
fail because of the missing patchset.
The timeline of events is kept in the same order they are generated,
to make sure that refs order is preserved and backward compatibility
is kept.
* Documentation fixes
* [Issue 40014489](https://issues.gerritcodereview.com/issues/40014489):
Announce / document that building with Java 8 is no longer supported
Documents that building with Java 8 is no longer supported.
Java 11 is now required and remove now unused error_prone_warnings_toolchain.
### 3.6.5
* New Features
* [Change 364591](https://gerrit-review.googlesource.com/c/gerrit/+/364591)
Allow to hide download schemes from the UI
Allow hiding a download scheme in the UI by still allowing to use it.
* Bug Fixes
* [Change 362914](https://gerrit-review.googlesource.com/c/gerrit/+/362914)
Fix internal server error caused by double flush in BaseCommand.TaskThunk
Ignore `SshChannelClosedException` when flushing the task's output and error
streams. JGit commands like `UploadPack` flush these streams already. When
`TaskThunk` tries to flush them again `SshChannelClosedException` is thrown
and leads to an internal server error.
* [Change 364478](https://gerrit-review.googlesource.com/c/gerrit/+/364478):
AndSource: Run `isVisibleToPredicate` based on its cost
`isVisible` check can be expensive and always running it ahead of other
cheaper predicates can increase the query time. Update `AndSource` to treat
`isVisibleToPredicate` like any other predicate so that it runs based on its
estimated cost.
* [Issue 16819](https://crbug.com/gerrit/16819):
Enable LDAP "Remember me" in login form per default
When users are presented with the LDAP login page, the "Remember me" checkbox
is disabled by default. This might be a problem because, if the user doesn't
explicitly click the checkbox, the session will be tied to the browser
session.
* [Issue 16814](https://crbug.com/gerrit/16814):
Improve `Rebase-SubmitStrategy` performance in some cases
Set uninteresting branches based on project configuration:
`create_new_change_for_all_not_in_target`.
* [Change 369415](https://gerrit-review.googlesource.com/c/gerrit/+/369415):
Fix metric computation with file paths in metric name.
Don't fail metric computation due to duplicated metric names.
* [Change 370354](https://gerrit-review.googlesource.com/c/gerrit/+/370354):
Improved performance of queries when backend index returns more results than needed
Matching changes more than the limit is just extra work that is discarded at
the end when the results are trimmed to match the limit. This can help improve
performance of queries where a small percentage of changes are filtered in the
initial page and the remaining results are obtained from the next page.
* [Change 357834](https://gerrit-review.googlesource.com/c/gerrit/+/357834):
Improved performance for plugin-provided SSH commands that perform multiple
permission checks or ref lookups for the same project
Move creation of `PerThreadCache` to `SshCommand` so that the cache is available
to most commands, including plugins.
* [Change 360221](https://gerrit-review.googlesource.com/c/gerrit/+/360221):
Add metric for memory allocated by all threads
Introduce [proc/jvm/memory/allocated](https://gerrit-review.googlesource.com/Documentation/metrics.html#_process)
which can be used to monitor total memory allocation rate causing work for the Java gc.
* [Change 361434](https://gerrit-review.googlesource.com/c/gerrit/+/361434):
Mark `LabelType.Builder#setFunction` as deprecated
Align the code with the
[documentation](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.3/config-labels.html#label_function).
* [Issue 16823](https://crbug.com/gerrit/16823):
Fix the search by query in the project filter
Fix regression introduced in [Change 337994](https://gerrit-review.googlesource.com/c/gerrit/+/337994),
in context of [Issue 15134](https://crbug.com/gerrit/15134).
* Download-commands plugin fixes
* [Issue 15944](https://crbug.com/gerrit/15944):
scp command for retrieving commit-sh hook fails with OpenSSH 9.0
Http should always be available from primary servers and using scp is getting
complicated since the implementation of scp varies between different OpenSSH
versions.
* Dependency Updates
* Update jgit to 5ae8d28faaf6168921f673c89a4e6d601ffad78d.
* [JGit Bug 565854](https://bugs.eclipse.org/bugs/show_bug.cgi?id=565854)
`SshdSession`: close channel gracefully
Close the channel gracefully to give the server a chance to clean up properly on
its side.
* Update bouncycastle to 1.72.
* Update commons-compress to 1.22.
### 3.6.4
* New features
* [Issue 16565](https://crbug.com/gerrit/16565):
Introduce cache.threads option to allow custom executors for Caffeine caches.
The introduction of `cache.threads` in `gerrit.config` allows to configure
a separate thread pool which can be tuned and decoupled from the
rest of the JVM common threads.
* [Change 353177](https://gerrit-review.googlesource.com/c/gerrit/+/353177):
Add tsconfig-plugins-base.json to Gerrit TypeScript Plugin API.
Adds `tsconfig-plugins-base.json` to the npm package so downstream plugins
can easily use the same set of TypeScript settings.
* [Issue 16445](https://crbug.com/gerrit/16445):
Add slice number to the change indexing task description.
To indicate to the administrator each task is indeed doing something
different, add the slice number if there is more than one slice in
total.
* [Change 356215](https://gerrit-review.googlesource.com/c/gerrit/+/356215):
Support `init --reindex-threads=-1` to skip reindexing after init.
Admins may wish to run other commands after `init` and before `reindex`, but
previously would have needed to observe and interrupt the `init` command
process once it started reindexing in order to do so. Providing an option to
`init` that skips the reindexing phase simplifies that workflow and makes it
less error prone.
* [Change 356234](https://gerrit-review.googlesource.com/c/gerrit/+/356234):
Add CUDA syntax highlighting.
* [Change 352534](https://gerrit-review.googlesource.com/352534):
Introduce `--show-cache-stats` for printing cache stats during `init` and `reindex`,
disabled by default.
* Bug Fixes
* [Change 351674](https://gerrit-review.googlesource.com/c/gerrit/+/351674):
SSH review cmd handles lock failures with retries.
Retrying on lock failures helps mitigating lock failures when there is
contention to lock the notedb ref. Retries were already implemented
in REST API code path at a high enough layer so that it applies for all
REST APIs.
* [Change 353594](https://gerrit-review.googlesource.com/c/gerrit/+/353594):
Inserting new patch-sets is retried on lock failures.
Mitigates failures when creating new patch-sets fails if the notedb
ref is locked for another update on the change.
* [Issue 14686](https://crbug.com/gerrit/14686), [Issue 14779](https://crbug.com/gerrit/14779), [Issue 16030](https://crbug.com/gerrit/16030):
In [Change 293978](https://gerrit-review.googlesource.com/c/gerrit/+/293978), eTag was
removed from GetRevisionActions, but not RevisionResource. This resulted
in the UI to show a stale 'submit' action on the change in the same
submission chain. The UI now uses RevisionResource eTag, that does not include
MergeSuperSet (all related changes).
* [Issue 16409](https://crbug.com/gerrit/16409):
Report pack protocol errors to the client via smart-HTTP.
A regression introduced by [JGit Change 1926771](https://git.eclipse.org/r/c/jgit/jgit/+/192677),
caused pack protocol errors to be reported as 500 Server errors.
Such situations should be reported to the user as a 200 OK containing the
details of the failed operation.
* [Change 351759](https://gerrit-review.googlesource.com/351759):
Fix `contrib/find-duplicate-usernames.sh` output when usernames contain spaces.
* [Issue 16449](https://crbug.com/gerrit/16449):
Fix project root computation in Gitweb servlet.
* [Change 356715](https://gerrit-review.googlesource.com/356715):
Fixed bug with negated label for queries with external groups.
* [Change 359176](https://gerrit-review.googlesource.com/359176):
Fix LabelPredicate group matching for included external groups.
* [Change 357874](https://gerrit-review.googlesource.com/357874):
Fixed ownerin/uploaderin for internal groups that include external groups.
* [Change 355054](https://gerrit-review.googlesource.com/355054):
Wrap #mobileSearch in a div.
Fixes an issue on wikimedia where the search button was hidden
even though the rules executed to make it show.
* [Issue 16433](https://crbug.com/gerrit/16433):
Fix 404 page shown after login using OpenID
* Dependency Updates
* Update jgit to a1901305b26ed5e0116f138bc02837713d2cf5c3.
Update from stable-6.1 to stable-6.5:
* Notable enhancements and fixes from [6.2.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.2.0) are:
* [4dd9a94e](https://git.eclipse.org/r/c/jgit/jgit/+/192433): Better feedback on SSH authentication failure
* [7b1c8cf14](https://git.eclipse.org/r/c/jgit/jgit/+/191924): Retry reading a file when there are concurrent writes
* [fed1a5493](https://git.eclipse.org/r/c/jgit/jgit/+/197714): Refresh 'objects' dir and retry if a loose object is not found
(Fixes cases where a new loose object is not immediately visible on a NFS
client if it was created on another client)
* [011c26ff3](https://git.eclipse.org/r/c/jgit/jgit/+/193939): Fix connection leak for smart http connections
* [ac127a793](https://git.eclipse.org/r/c/jgit/jgit/+/196849): Do not handle internal git errors as an HTTP error
* Notable enhancements and fixes from [6.3.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.3.0) are:
* [1a364c49e](https://git.eclipse.org/r/c/jgit/jgit/+/194200): JGit blame very slow for large merge commits that rename files
* [66ace4b9](https://git.eclipse.org/r/c/jgit/jgit/+/193496): Do not check reachability of visible SHA1s in git-upload-pack
* [035e0e23](https://git.eclipse.org/r/c/jgit/jgit/+/194500): Do not prematurely terminate timer in case of error during git-upload-pack
* Notable enhancements and fixes from [6.4.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.4.0) are:
* [fe9aeb02e6](https://git.eclipse.org/r/c/jgit/jgit/+/196497), [93097f0018](https://git.eclipse.org/r/c/jgit/jgit/+/196323): Receive and parse client [git session-id](https://git-scm.com/docs/gitprotocol-capabilities#_session_idsession_id)
* [59029aec3](https://git.eclipse.org/r/c/jgit/jgit/+/196905): Add option to allow using JDK's SHA1 implementation
* [3e7281662](https://git.eclipse.org/r/c/jgit/jgit/+/197151): UploadPackServlet#doPost use try-with-resource to ensure
UploadPack is closed
* [1e04046a6](https://git.eclipse.org/r/c/jgit/jgit/+/194411): Fix crashes on rare combination of file names
(This issue has been seen during offline reindex of changes with specific merge commits)
* Update sshd to 2.9.2
* [CVE-2022-45047](https://nvd.nist.gov/vuln/detail/CVE-2022-45047): Avoid using Java deserialization to load a serialized java.security.PrivateKey
* [SSHD-1302](https://issues.apache.org/jira/browse/SSHD-1302): Reading again from exhausted ChannelExec#getInvertedOut() throws IOException instead of returning -1
* [SSHD-966](https://issues.apache.org/jira/browse/SSHD-966): Deadlock on disconnection at the end of key-exchange
* [SSHD-1231](https://issues.apache.org/jira/browse/SSHD-1231): Public key authentication: wrong signature algorithm used (ed25519 key with ssh-rsa signature)
* [SSHD-1257](https://issues.apache.org/jira/browse/SSHD-1257): Shell is not getting closed if the command has already closed the OutputStream it is using.
* [SSHD-1261](https://issues.apache.org/jira/browse/SSHD-1261): Sometimes async write listener is not called
* [SSHD-1290](https://issues.apache.org/jira/browse/SSHD-1290): Race condition is logged in ChannelAsyncOutputStream
* Update mina-core to 2.0.23
* Update reviewnotes to 10db2cf772989d031c6f3558010c51fe07cf9722
* Documentation fixes
* [Change 353177](https://gerrit-review.googlesource.com/353177):
Document Gerrit TypeScript Plugin API @gerritcodereview/typescript-api in pg-plugin-dev.
### 3.6.3
* New features
* [Issue 16322](https://crbug.com/gerrit/16322):
Limit the number of changes that can be submitted together
When chaining changes together, the sequence of commits to navigate
was previously unbound, causing the potential operations explosion.
The explosion could have also been accidental and caused by the push
of a change with a non-existent branch, which would have resulted
in the full scan of the repository for changes.
Introduce a new Gerrit configuration `change.maxSubmittableAtOnce` with
a safe default of `1024`, which would allow any use case that would have
also worked before this change.
* [Change 347496](https://gerrit-review.googlesource.com/c/gerrit/+/347496):
Enable project_list cache warmer when `cache.project_list.maxAge` is set
* [Change 341454](https://gerrit-review.googlesource.com/c/gerrit/+/341454):
GitwebServlet: Retrieve git path from FileRepository so that it can be used
with multi-site and cached-refdb modules
* Native packaging
* GerritForge RPM repository updated for arm64 architecture
[GerritForge RPM v1.4](https://gerritforge.com/gerritforge-repo-1-4.noarch.rpm)
has been released, including the native packages for arm64 architecutre.
* DockerHub images for arm64 architecture
[DockerHub Gerrit images](https://hub.docker.com/r/gerritcodereview/gerrit/tags?page=1&name=3.6.3)
include images for arm64 architecture.
* Performance Fixes
* [Change 350577](https://gerrit-review.googlesource.com/c/gerrit/+/350577)
copy-approvals: use multiple threads for copy-approvals, improve performance
Split the work into slices of changes and then utilize one thread per slice.
Also skip unnecessary reindexing. On a large Gerrit site with 1.3 million
changes, this reduced the time for copy-approvals from 5 hours to 15-20
minutes.
* [Change 350236](https://gerrit-review.googlesource.com/c/gerrit/+/350236)
Optimized change visibilty checking when the project is hidden
Looping over every change when the whole project isn't readable is a
waste of CPU. It's a bigger waste to fetch all the change data in the
first place.
* [Issue 16379](https://crbug.com/gerrit/16379):
Remove key locking for disabled caches
This change also makes the memoryLimit behaviour consistent with the
diskLimit set to zero means disabling the implementation of the cache.
* [Change 349895](https://gerrit-review.googlesource.com/c/gerrit/+/349895):
Add AndCardinalPredicate and OrCardinalPredicate
Before this change, IndexSource derived cardinality from predicate
which implement `HasCardinality`. Since `AndPredicate` and `OrPredicate`
does not return cardinality, IndexSource defaults to 10 when query
comprises more than one predicate. Due to this behavior, `AndSource`
chooses IndexSource almost always when query contains more than one
index predicate.
This helps `AndSource` to choose the right source more often.
* [Change 347956](https://gerrit-review.googlesource.com/c/gerrit/+/347956):
Introduce possibility to define the cardinality so that `AndSource` predicate
can work more efficiently
Before this change, cardinality of the IndexSource was always set to
10. This makes `AndSource` to choose IndexSource over other sources most of
the time.
Add a `HasCardinality` interface which can be used by all the predicates
which implement IndexPredicate to set a cardinality. This helps
AndSource to choose the right datasource.
* [Change 349355](https://gerrit-review.googlesource.com/c/gerrit/+/349355):
Cache repository locations in LocalDiskRepositoryManager
Obtaining the actual location of a repository using base-path
and project name can be slow as it involves some guessing to
locate the repository. Cache the locations once they are
obtained to avoid repeated work, thereby improving performance
when opening repositories.
* [Change 347955](https://gerrit-review.googlesource.com/c/gerrit/+/347955):
Consider cardinality while choosing the data source for `AndSource` predicate
Before this change, `AndSource` considered cost to choose a datasource.
Ideally cost should be used to determine which predicate to run
`#match()` against first, so that queries are faster. Cardinality should
be used to determine which datasource to be picked so that there are
fewer changes to process.
Consider cardinality of the datasource to choose the source and use
cost when cardinality is same.
* Bug Fixes
* [Change 350576](https://gerrit-review.googlesource.com/350576)
copy-approvals: continue when there are corrupt meta-refs in a project
If there was a corrupt meta-ref in a project, the copy-approvals
failed for all changes in that project. Mitigates [Issue 16326].
* [Change 350575](https://gerrit-review.googlesource.com/350575)
copy-approvals: don't stop when it fails on one project
When copying of approvals failed in one project it skipped copying of
approvals for other projects where it would potentially finish
successfully.
* [Change 350414](https://gerrit-review.googlesource.com/c/gerrit/+/350414)
Fix index rewriter to rewrite all Or/AndPredicates.
AndSource chooses right source more often
* [Change 349314](https://gerrit-review.googlesource.com/349314)
Fix reindex with label copyCondition containing group.
* [Change 77495](https://gerrit-review.googlesource.com/c/gerrit/+/347495):
Fix for IllegalStateException during the Gerrit start when
`cache.projects.refreshAfterWrite` is set to true and prolog rules are used
* [Change 350014](https://gerrit-review.googlesource.com/c/gerrit/+/350014):
Do not set cherryPickOf on RevertSubmission
The RevertSubmission internally uses CherryPickChange operation. It
creates the 'normal' revert for the first change in the relation chain,
for each subsequent change it creates a revert commit that is then
cherry-picked. This cherry-pick is not a cherry-pick of the reverted
change. This is a cherry-pick of the revert commit of the original
change.
This change fixes the bug in the logic that sets cherryPickOf to the
original (reverted) change, using the CherryPickChange operation.
* [Change 349894](https://gerrit-review.googlesource.com/c/gerrit/+/349894):
Don't always rewrite And/OrPredicate to And/OrSource
Before this change OrPredicate was always rewritten to OrSource. This
is not the right thing to do as `OrSource#read()` will eventually fail
when there is at least one non-datasource child. Since
[Change 347955](https://gerrit-review.googlesource.com/c/gerrit/+/347955),
`AndSource` picks a source which has the lowest cardinality
which makes the `OrSource#read()` failures more visible.
Rewrite `OrPredicate` to `OrSource` only when all the children in the
predicate are DataSources.
* [Change 348715](https://gerrit-review.googlesource.com/c/gerrit/+/348715);
Clarify that a restart is needed before changes to email templates take
effect
* [Issue 16182](https://crbug.com/gerrit/16182):
Reintroduce the Change-Id footer in change screen
This change reintroduce the Change-Id footer below the commit message on
the Gerrit UI.
* [Issue 10168](https://crbug.com/gerrit/10168):
Fix HTTP 404 when browsing tags on Gitweb
The Gitweb links to tags have been broken in v2.14.10 onwards.
Gitweb supports the 'a=tags' rendering action for annotated tags
only, returning 404 for all lightweight tags.
Use the generic 'a=shortlog' for Gitweb links to tags which would
work for both annotated and lightweight ones.
* [Change 347495](https://gerrit-review.googlesource.com/c/gerrit/+/347495):
Fix for IllegalStateException during the Gerrit start when
`cache.projects.refreshAfterWrite` is set to true and prolog rules are used
* [Issue 15997](https://crbug.com/gerrit/15997):
Make DelegateRepository#delegate() method public to allow plugins/modules to
access it
### 3.6.2
* Security Fixes
* [Issue 16054](https://crbug.com/gerrit/16054):
Fix confidentiality leak by users with create ref permission
using the create branch REST-API
Any user with create ref permission was able to gain
access to any SHA1 or refs, including the ones that they would
not have permission to see.
* Breaking changes
* [Issue 15941](https://crbug.com/gerrit/15941):
Fix SSH queries to not show commit-message unless --commit-message is provided
This issue has existed for several years and should be considered
breaking as users might expect commit message to be included by
default in SSH query results.
Obtaining the commit message is a costly operation as the commit
data has to be loaded. So, showing it even when --commit-message
is not provided degrades the performance of SSH queries.
* [Change 344300](https://gerrit-review.googlesource.com/344300):
Add missing return values in MetricMaker's `newCallbackMetric` and
`newConstantMetric`
When new callback and constant metrics were created the RegistrationHandle
was not returned, making impossible to de-register them.
The method signature is now aligned, however, all plugins, including the core ones,
that were registering callback or constant metrics would need to be rebuilt from
source or downloaded from the latest build on
[Gerrit-CI](https://gerrit-ci.gerritforge.com).
* New features
* [Change 343096](https://gerrit-review.googlesource.com/343096):
Introduce `index.paginationType=SEARCH_AFTER` configuration for speeding up
query pagination
* [Change 343798](https://gerrit-review.googlesource.com/343798):
Introduce `index.pageSizeMultiplier` configuration to paginate index
queries with increasing size
* [Change 344334](https://gerrit-review.googlesource.com/344334):
Implement `no-limit` queries with multiple pages, make them usable with
Elasticsearch
* [Change 345017](https://gerrit-review.googlesource.com/345017):
Add public `EventTypes.getRegisteredEvents()` for accessing all stream
event types from plugins
* [Change 340714](https://gerrit-review.googlesource.com/340714):
Introduce metrics configuration for different data reservoirs
* [Change 347496](https://gerrit-review.googlesource.com/347496):
New configuration option to periodically warm the project_list cache
Reduce the likelihood of the project_list cache being evicted
by providing an option to periodically warm it up.
When this warmer is enabled, change detail page loads are
consistently faster.
* Performance Fixes
* [Change 338154](https://gerrit-review.googlesource.com/338154):
Lazy load change notes when submit by push
Improves performance of change submit via push
* [Change 338614](https://gerrit-review.googlesource.com/338614)
Optimize SSH queries to avoid loading individual accounts
This improves performance of SSH queries.
* [Change 338474](https://gerrit-review.googlesource.com/338474):
Allow async receive-commits to have a thread-local cache
Improve caching when merging changes through git push
* [Change 338574](https://gerrit-review.googlesource.com/338574):
Cache ProjectControl instances in SSH queries
A PerThreadCache is used to cache ProjectControl instances to
improve SSH query performance.
* [Change 338834](https://gerrit-review.googlesource.com/338834):
Avoid creating an IdentifiedUser multiple times in a SSH query
This improves performance of SSH queries.
* Bug Fixes
* [Issue 16306](https://crbug.com/gerrit/16306):
Fix Bazel build on Apple M2 ARM64 chip
* [Issue 16284](https://crbug.com/gerrit/16284):
Fix performance issues with git-upload-pack on repositories with a large number
of changes
* [Issue 16043](https://crbug.com/gerrit/16043):
Fix reindexing for changes with a commit message longer than 32766 bytes
* [Change 347474](https://gerrit-review.googlesource.com/347474):
Fix DefaultMemoryCacheFactory to correctly set refreshAfterWrite
Setting refreshAfterWrite in gerrit.config now works and does not mistakenly
set expireAfterAccess
* [Change 340635](https://gerrit-review.googlesource.com/340635):
Fix CSS of the Contributor Agreement screen which was preventing to sign CLAs
* [Issue 15997](https://crbug.com/gerrit/15997):
Make delegate() method public
git-repo-metrics plugin now works with multi-site setup
* [Issue 16018](https://crbug.com/gerrit/16018)
Don't try to mark files as reviewed when not logged in
Fix marking of reviewed flag when not logged in. "Log in is required to perform that action" popup is no longer seen
when viewing file diffs unauthenticated.
* [Issue 16038](https://crbug.com/gerrit/16038):
Fix "internal error" when pushing to refs/users/xx/xxxx
Push over HTTP to refs/users/* branch now works and doesn't fail with "error: internal error" / Not Signed In
* [Issue 16001](https://crbug.com/gerrit/16001):
AsciiDoctor: skip attribute when looking for title
Fix documentation search showing :linkattrs: instead of the document title
* [Issue 15134](https://crbug.com/gerrit/15134):
Apply the match operator to filter projects
Next-arrow is now not hidden when searching for repositories in the Repository section
* [Change 337474](https://gerrit-review.googlesource.com/337474):
Use sane value for QueryProcessor's effective limit on "--no-limit"
Fix errors seen when --no-limit query option is used with ES index backend
* [Change 339754](https://gerrit-review.googlesource.com/339754):
Fix gerrit review command with branch option
The gerrit review command was not able to find the commit with branch
option; ensure "refs/heads/" prefix is present for branch option.
* [Issue 16106](https://crbug.com/gerrit/16106):
Fix label operator to work with external groups, which never worked before since
its addition in v2.10.
* [Change 331762](https://gerrit-review.googlesource.com/331762):
Cache permission filtering for All-Projects, allowing a faster ACL evaluation
to any refs.
* [Change 343694](https://gerrit-review.googlesource.com/343694):
Improve performance of queries that check the visibility of changes wrt a non-current user
* [Change 346254](https://gerrit-review.googlesource.com/346254):
Fix change queries evaluation of `AND` terms to run match on predicate whose cost is
least
Sort the change queries predicates in `AND` based on cost and cardinality, which
was broken since [Change 79391](https://gerrit-review.googlesource.com/79391).
**WARNING**: queries containing predicates with poorly defined costs or cardinalities
could perform worse now.
* Dependency Updates
* Update JGit to d01376106af8800017ac3c08d7c7ac1fd5ccc9ee, including the following fixes
and improvements:
* 011c26ff3 - Fix connection leak for smart http connections
* d67ac798f - Remove stray files (probes or lock files) created by background threads
* 035e0e23f - UploadPack: don't prematurely terminate timer in case of error
* 66ace4b9a - UploadPack: do not check reachability of visible SHA1s
* 8984e1f66 - HTTP Smart: set correct HTTP status on error
* Documentation fixes
* [Change 340534](https://gerrit-review.googlesource.com/340534)
Fix link to change.mergeabilityComputationBehavior in user-search.txt
* [Change 339235](https://gerrit-review.googlesource.com/339235)
Add copy-approvals SSH command link to the index page
* [Change 338949](https://gerrit-review.googlesource.com/338949)
Fix auto-generated documentation header for plugins
* [Change 337835](https://gerrit-review.googlesource.com/337835)
rest-api-projects: Fix documentation for #inherited-boolean-info
* [Change 340114](https://gerrit-review.googlesource.com/340114)
sshd config: Reference implementation sections upstream
* [Change 339819](https://gerrit-review.googlesource.com/339819)
Supplement key exchange supported by Apache MINA
* [Change 339818](https://gerrit-review.googlesource.com/339818)
Supplement 'encrypt-then-MAC' supported by Apache MINA
* [Change 339815](https://gerrit-review.googlesource.com/339815)
Supplement cipher algorithms in sshd.cipher section
* Other Fixes
* [Change 337835](https://gerrit-review.googlesource.com/337835):
rest-api-projects: Fix documentation for #inherited-boolean-info
* [Change 340245](https://gerrit-review.googlesource.com/340245)
Propagate auto flush value to external index module
* [Change 340534](https://gerrit-review.googlesource.com/340534):
Fix link to change.mergeabilityComputationBehavior in user-search.txt
### 3.6.1
* Bug Fixes
* [Issue 15957](https://crbug.com/gerrit/15957):
Fix loading ssh and gpg keys in Gerrit UI and make the text areas have a white background
The Gerrit UI did not display the list of the user's SSH and GPG keys, even if they were present
in the user's profile and working as expected.
* Other Fixes
* [Change 337014](https://gerrit-review.googlesource.com/337014):
Plugins named with hyphens can now define query operators