blob: b5afb15eab8d6914fd5719c3632886508de26008 [file] [log] [blame] [view]
---
title: "Gerrit 3.3.x"
permalink: 3.3.html
hide_sidebar: true
hide_navtoggle: true
toc: true
---
Download: **[3.3.11](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.11.war)**
| [3.3.10](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.10.war)
| [3.3.9](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.9.war)
| [3.3.8](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.8.war)
| [3.3.7](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.7.war)
| [3.3.6](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.6.war)
| [3.3.5](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.5.war)
| [3.3.4](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.4.war)
| [3.3.3](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.3.war)
| [3.3.2](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.2.war)
| [3.3.1](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.1.war)
| [3.3.0](https://gerrit-releases.storage.googleapis.com/gerrit-3.3.0.war)
Documentation: **[3.3.11](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.11/index.html)**
| [3.3.10](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.10/index.html)
| [3.3.9](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.9/index.html)
| [3.3.8](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.8/index.html)
| [3.3.7](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.7/index.html)
| [3.3.6](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.6/index.html)
| [3.3.5](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.5/index.html)
| [3.3.4](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.4/index.html)
| [3.3.3](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.3/index.html)
| [3.3.2](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.2/index.html)
| [3.3.1](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/index.html)
| [3.3.0](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.0/index.html)
## Release highlights
* Java 11 by default for Gerrit
* New logs timestamp format
* Attention Set
## Important notes
### Default support for Java 11
The java language level is now set to Java 11 by default for Gerrit.
* [Issue 13494](https://bugs.chromium.org/p/gerrit/issues/detail?id=13494);
Generate a Java 11 Eclipse project by default
* Update dev-{eclipse,intellij} development for Java 11.
### Schema changes
This release contains schema changes. To upgrade:
``` sh
java -jar gerrit.war init -d site_path
```
Upgrading to this schema version (184) renames the `Non-Interactive Users`
group to `Service Users`.
### Zero-downtime upgrade
Gerrit supports zero-downtime upgrade from Gerrit v3.2 when configured using
a [high-availability configuration](https://gerrit.googlesource.com/plugins/high-availability/+/refs/heads/master/README.md),
when the Git repositories are stored in a shared filesystem such as NFS or similar.
For upgrading with zero-downtime, you should enable the rolling upgrade migration
in `gerrit.config` on both Gerrit servers by setting the
[`gerrit.experimentalRollingUpgrade`](http://gerrit-documentation.storage.googleapis.com/Documentation/3.2.0/config-gerrit.html)
to `true`.
During the zero-downtime upgrade, Gerrit end-users would not notice any outage
or service disruption. They will be able to perform any read/write Gerrit operation
on the GUI or using the Git protocol.
The zero-downtime upgrade consists of the following steps:
1. Have Gerrit servers upgraded to v3.2 in high-availability configuration,
healthy and able to handle the incoming traffic properly.
2. Set `gerrit.experimentalRollingUpgrade` to `true` in `gerrit.config` on both Gerrit servers.
3. Set the first Gerrit server unhealthy.
4. Shutdown the first Gerrit server, upgrade to v3.3 and start Gerrit again.
5. Verify that the first Gerrit server is working properly and then make it healthy again.
6. Wait for the first Gerrit server to start serving traffic normally.
7. Repeat steps 3. to 6. for the second Gerrit server.
8. Remove `gerrit.experimentalRollingUpgrade` from `gerrit.config` on both Gerrit servers.
**NOTE**: The schema version 184 is tolerated by the Gerrit v3.2 because the group-id
of the `Non-Interactive Users` remains the same, hence all existing ACLs are evaluated
as expected also when the group is renamed to `Service Users`. During steps 4, 5 and 6, the Gerrit
server still running v3.2 will display `Service Users` on the repositories ACLs screen.
### Downgrade
Downgrade to any Gerrit v3.2.x release is possible, but requires the following manual steps:
1. Shutdown a migrated Gerrit v3.3.x server
2. Bump the All-Projects.git version (refname: `refs/meta/version`) to `183`:
``` sh
git update-ref refs/meta/version $(echo -n 183|git hash-object --stdin)
```
See [git hash-object](https://git-scm.com/docs/git-hash-object) and
[git update-ref](https://git-scm.com/docs/git-update-ref).
3. Revert the All-Users.git schema-184 migration commit (refname: `refs/meta/group-names`)
4. Run Gerrit v3.2.x init
5. Startup Gerrit v3.2.x server
### Breaking changes
* [New logs timestamp format](http://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/logs.html):
The new format supports both ISO-8601 and RFC3339, which means that if you are
parsing it as general ISO-8601 it should work as before. However you will be
affected if you are parsing the timestamp with a static format.
### ChangeAttributeFactory deprecated and ChangePluginDefinedInfoFactory supported
Similar to the ChangeAttributeFactory, a ChangePluginDefinedInfoFactory allows
plugins to [provide additional data in change results](http://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/dev-plugins.html#query_attributes).
ChangePluginDefinedInfoFactory has the advantage that it allows plugins to know
the full set of changes up front so that they can do bulk operations.
ChangeAttributeFactory will be removed in the next release.
### JGit auto-configuration
#### Auto-disable `receive.autogc` option
By JGit's default, `git-receive-pack` will run auto gc after receiving
data from git-push and updating refs.
Init step is added to auto-disable `receive.autogc` configuration option
in `$gerrit_site/etc/jgit.config` file.
#### Auto-enable git wire protocol version 2
By JGit's default, git wire protocol version 2 is disabled. Given, that git
wire protocol version 2 on the server side is considered to be now very stable,
activate it per default in init site program, so that gerrit sites benefit
from improved fetch performance.
## Security fixes
* [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621);
[CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
APIs that should be locked down.
Gerrit had two components for determining if a Git ref is visible to a
user: `(Default)RefFilter` and `PermissionBackend#ForRef` (e.g.,
`RefControl`). The former was always capable of providing correct results
for all refs. The latter only had logic to decide if a Git ref is visible
according to the Gerrit `READ` permissions. This includes all refs under
`refs/heads` as well as any other ref that isn't a database ref or a Git
tag. This component was unaware of Git tags and notedb-related refs. Hence,
when asked for a database reference such as `refs/changes/xx/yyyyxx/meta`,
the logic would allow access if the user has `READ` permissions on any of
the ref prefixes (such as the default "read refs/* Anonymous Users").
That was problematic, because it bypassed
[documented behavior](http://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/access-control.html)
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
* [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514);
[CVE-2020-8920](https://nvd.nist.gov/vuln/detail/CVE-2020-8920):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
hiding refs based on the project's ACLs. There is however an optimization
that skips the filtering in case a user has `READ` permissions on every ACL
pattern(s). When the target repository is `All-Users`, the optimization
turns into a security issue because it allows seeing all personal information
associated with all accounts, i.e.:
* draft comments
* draft edits
* personally identifiable information (PII) of all users
* external ids
This fix now blocks Gitiles or any other part of Gerrit to abuse this power
when the target repository is `All-Users`, where nobody can be authorized
to skip the ACLs evaluation anyway.
* [Issue 12629](https://bugs.chromium.org/p/gerrit/issues/detail?id=12629);
Verify hostname when sending emails via SMTP server with `SMTPSClient`.
The SMTP server's certificate and hostname must be verified if
encryption is enabled with SSL verification in the host settings
(`sendemail.smtpEncryption` and `sendemail.sslVerify`).
`SMTPSClient` from Apache Commons Net used for SSL processing.
It has the following downside: if encryption is not required,
`SMTPSClient` is used in 'explicit' mode with the upgrade to TLS
never called. Thus, the client is somewhat misused.
## Native packaging
* Allow to use init as a param in docker run
This allows to easily run the Gerrit image with the `init` argument to explicitly
re-run the initialization on an existing or new site.
* CentOS docker image upgrade to v8.2.2004
## New features
* [Attention Set](http://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/user-attention-set.html):
For every change Gerrit maintains an "Attention Set" with users that are
currently expected to act on the change. Both on the dashboard and on the
change page, this is expressed by an arrow icon before the user name.
Enabled by default.
The former assignee feature is therefore now disabled by default.
* The reply dialog posts patchset level comments instead of change messages.
This is an experiment that is enabled by default. However, it can be
disabled by adding 'UiFeature__patchset_comments' as disabled key in
[experiments section of gerrit.config](https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#experiments).
This is useful if your CI system parses back change messages (e.g.
"/rerun") and has not been updated yet to parse patchset level
comments. The option to revert this behavior will be removed in
Gerrit 3.4. Until then, administrators need to have migrated.
* [Issue 13670](https://bugs.chromium.org/p/gerrit/issues/detail?id=13670);
Introduce cache.openFiles setting in gerrit.config.
Persistent caches might require the allocation of additional file
descriptors depending on their configuration and backend engine.
This new setting allows the gerrit.sh to be aware of that and increase the
number of files accordingly before starting Gerrit.
E.g. when swapping the default H2 persistent cache implementation with the
[chronicle-map implementation](https://gerrit.googlesource.com/modules/cache-chroniclemap/+/refs/heads/stable-3.3)
the number of open files needs raising, since the latter is bound to open more
file descriptors, mostly due to its usage of memory mapped files.
### REST API changes
* Reject REST requests with invalid enum values as bad request
* Expose 'Service User' tag on the REST API
* Add endpoints to allow enhancement on submit requirements
* Add parameter for added reviewers on reply-reviewers endpoint
* Add an alternate `CreateChange` endpoint
* [Issue 13357](https://bugs.chromium.org/p/gerrit/issues/detail?id=13357);
Add the work_in_progress option to the revert and revertSubmission endpoints
## End-to-end tests
* [Issue 12208](https://bugs.chromium.org/p/gerrit/issues/detail?id=12208);
Add [presentation links](https://www.gerritcodereview.com/presentations.html#list-of-presentations)
to [documentation](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/dev-e2e-tests.html#_what_is_gatling)
* [Issue 13082](https://bugs.chromium.org/p/gerrit/issues/detail?id=13082);
Add Eclipse support for Gatling tests
## Plugin changes
### delete-project
* [Issue 13402](https://bugs.chromium.org/p/gerrit/issues/detail?id=13402);
Fix event handling on error
### download-commands
* New command: "Reset To"
Add a new command that allows to reset the current branch to the commit
that was fetched. This is useful in cases when the user is working on a
local branch and the existing commands are not appropriate:
* "Checkout" will check out the FETCH_HEAD, i.e. moving off the current
branch and leaving the local repository in 'detached head' state.
* "Cherry-Pick" will commit the fetched change again, resulting in a
'new' commit (i.e. changed sha1) which will result in a new patch set
if the user creates any commits on top of it and pushes for review.
* [Issue 10021](https://bugs.chromium.org/p/gerrit/issues/detail?id=10021);
Avoid quoting on basic strings
### plugin-manager
* [Issue 12885](https://bugs.chromium.org/p/gerrit/issues/detail?id=12885);
Fix loading of core plugins on Windows
### replication
* Add method to push changes directly to given replica
This makes it possible to push changes directly to given replica
instance without sending unnecessary requests to others.
The method is intended to be used by other plugins that extend the
replication plugin.
* Prevent persistent task listing interruptions on IOExceptions
Improved the logging by differentiating between failures that are
severe versus potentially related to other node actions since in a
multi-primary scenario with shared storage, it is common for operations
on one node to "interfere" with task listing operations on another node
without causing a malfunction. Specifically, improve the exception
handling so that the logging in these latter cases have a likely
explanation of the listing error, and do not consider these specific
filesystem errors operational errors.
**NOTE**: The multi-primary replication is still experimental.
* [Issue 12769](https://bugs.chromium.org/p/gerrit/issues/detail?id=12769);
Fix synopsis in replication start cmd documentation
`--url` is usable with `--all` or projects and on its own.
Updated the usage to reflect this.
* [Issue 12769](https://bugs.chromium.org/p/gerrit/issues/detail?id=12769);
Don't wait for pending events to process on startup
Previously, on large Gerrit installations with many projects and/or many
replication destinations, the replication plugin could take very long
periods of time to startup. This was particularly a problem if the
pending (persisted) event count was large as they all were rescheduled
before the plugin finished initializing. Change this behavior so that
startup merely begins the process of scheduling the pending events, but
does not wait for them to complete.
* [Issue 13480](https://bugs.chromium.org/p/gerrit/issues/detail?id=13480);
Don't output directories during task walk
## Polygerrit UI changes
* Add comment icon to CR column of the dashboard
* Lock scroll for background when reply-dialog open
* Fix use of registration dialog instead of overlay
* A11y - Add meaningful label for Edit button on change page
* Enable download dialog shortcut in diff page
* Add title and shortcuts for some links and buttons
* Fix titles for buttons
* Add help icon to search bar with link to the doc
* Fix first and last focusable elements in download and diff pref dialogs
* Refine the UX on account chips
* Add doc/bug icons to hovercard and change to help-outline icon
* Re-use logic for opening up download dialog from 'd'
* Update hovercard text to say Your/their turn to take action
* Offer an option to hide the file comment button
* Update pg-plugin-dev document with polymer 3 examples
* Fix broken link/icon to the master build status
* Add link icon to messages in change log
* A11y - Fix label and navigation for More Actions Button
* Disable the 'Send' button when a comment is being edited
* Fix the dangling comma after reviewer on dashboard
* Fix Shift-A shortcut for hiding the left side of the diff
### UI issues
* [Issue 7458](https://bugs.chromium.org/p/gerrit/issues/detail?id=7458);
Fix iron-dropdown positioning
* [Issue 13080](https://bugs.chromium.org/p/gerrit/issues/detail?id=13080);
Fix the position of the hovercard
* [Issue 13175](https://bugs.chromium.org/p/gerrit/issues/detail?id=13175);
Fix gr-hovercard-behavior under Firefox
* [Issue 13328](https://bugs.chromium.org/p/gerrit/issues/detail?id=13328);
Redirect GWT links to project dashboard to Polygerit
* [Issue 13433](https://bugs.chromium.org/p/gerrit/issues/detail?id=13433);
Unlock scroll if hovercard detached
* [Issue 13543](https://bugs.chromium.org/p/gerrit/issues/detail?id=13543);
Fix navigate back to change page with '[' on first diff.
* [Issue 13658](https://bugs.chromium.org/p/gerrit/issues/detail?id=13658);
Convert comment counts to comment thread counts around the UI
## Documentation changes
* config-reverseproxy.txt: Document X-Forwarded-For header
* Document possibility to resume reviews with meetings
* Document how to mitigate the issue of broken Eclipse project on MacOS
* Clarify documentation about parent project access right
* Document [jgit options respected by gerrit gc](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/config-gerrit.html#gc);
[receive](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.1/config-gerrit.html#jgit-receive)
## JGit changes
* [Issue 13544](https://bugs.chromium.org/p/gerrit/issues/detail?id=13544);
Ensure that `GC#deleteOrphans` respects pack lock.
If pack or index files are guarded by a pack lock (`.keep` file),
`deleteOrphans()` should not touch the respective files protected by the
lock file. Otherwise it may interfere with `PackInserter` concurrently
inserting a new pack file and its index.
* [Issue 13694](https://bugs.chromium.org/p/gerrit/issues/detail?id=13694);
Fix the git wire protocol v2 issue on JDK 15
## Elasticsearch changes
* ElasticContainer: Upgrade V6_8 to elasticsearch 6.8.13
* ElasticContainer: Upgrade V7_8 to elasticsearch 7.8.1
* [Issue 12704](https://bugs.chromium.org/p/gerrit/issues/detail?id=12704);
Simplify Init for Elasticsearch
## Other dependency changes
* Upgrade caffeine to 2.8.5
* Upgrade jackson-core to 2.11.3
* Upgrade metrics-core to 4.1.12.1
* Upgrade soy to 2020-08-24
* [Issue 13474](https://bugs.chromium.org/p/gerrit/issues/detail?id=13474);
Upgrade testcontainers to 1.15.0
## Other core changes
* Limit graceful shutdown to SSH sessions serving git requests
* NoteDbMigrator: Improve log message when saving ref updates
* Explicitly check READ permission when processing a git push
* Introduce sshd.gracefulStopTimeout
* Fix eclipse project generation
* Update instructions for running on Docker
* Fix links and file name in emails for patchset-level comments
* Add JavaScript style guide
### Core issues
* [Issue 11637](https://bugs.chromium.org/p/gerrit/issues/detail?id=11637);
Add a process to remove a core plugin
* [Issue 11774](https://bugs.chromium.org/p/gerrit/issues/detail?id=11774);
Change filtering of messages in experimental ChangeLog
* [Issue 12707](https://bugs.chromium.org/p/gerrit/issues/detail?id=12707);
Apply diff preferences immediately after clicking save
* [Issue 12934](https://bugs.chromium.org/p/gerrit/issues/detail?id=12934);
Fix selection on diff with range comments
* [Issue 12994](https://bugs.chromium.org/p/gerrit/issues/detail?id=12994);
Fix toggle on iOS
* [Issue 13014](https://bugs.chromium.org/p/gerrit/issues/detail?id=13014);
Clean up disrespectful terms
* [Issue 13054](https://bugs.chromium.org/p/gerrit/issues/detail?id=13054);
Restore keyboard shortcut for expand all diff context
* [Issue 13073](https://bugs.chromium.org/p/gerrit/issues/detail?id=13073);
Fix highlight on multi-line range comments
* [Issue 13184](https://bugs.chromium.org/p/gerrit/issues/detail?id=13184);
Respect log.textLogging and log.jsonLogging using --console-log
* [Issue 13266](https://bugs.chromium.org/p/gerrit/issues/detail?id=13266);
Allow to use 'Apply fix' several times on the commit message
* [Issue 13349](https://bugs.chromium.org/p/gerrit/issues/detail?id=13349);
When SSH is disabled, it should also be disabled on replica
* [Issue 13350](https://bugs.chromium.org/p/gerrit/issues/detail?id=13350);
Decode group id before using it to add [cc-]reviewers
* [Issue 13376](https://bugs.chromium.org/p/gerrit/issues/detail?id=13376);
Make sure that comment drafts are sorted to the end
* [Issue 13464](https://bugs.chromium.org/p/gerrit/issues/detail?id=13464);
Use persistent cache provided by libModule for offline reindex
* [Issue 13754](https://bugs.chromium.org/p/gerrit/issues/detail?id=13754);
Fix NPE with StoredCommentLinkInfoSerializer when enabled is null
## Bugfix releases
### Unreleased changes
* Breaking changes
* [Issue 15941](https://crbug.com/gerrit/15941)
Fix SSH queries to not show commit-message unless --commit-message is provided
This issue has existed for several years and should be considered
breaking as users might expect commit message to be included by
default in SSH query results.
Obtaining the commit message is a costly operation as the commit
data has to be loaded. So, showing it even when --commit-message
is not provided degrades the performance of SSH queries.
* Performance Fixes
* [Change 338834](https://gerrit-review.googlesource.com/338834)
Avoid creating an IdentifiedUser multiple times in a SSH query
This improves performance of SSH queries.
* [Change 338574](https://gerrit-review.googlesource.com/338574)
Cache ProjectControl instances in SSH queries
A PerThreadCache is used to cache ProjectControl instances to
improve SSH query performance.
* [Change 338474](https://gerrit-review.googlesource.com/338474)
Allow async receive-commits to have a thread-local cache
Improve caching when merging changes through git push
* [Change 338154](https://gerrit-review.googlesource.com/338154)
Lazy load change notes when submit by push
Improves performance of change submit via push
* Bug Fixes
* [Change 337474](https://gerrit-review.googlesource.com/337474)
Use sane value for QueryProcessor's effective limit on "--no-limit"
Fix errors seen when --no-limit query option is used with ES index backend
### 3.3.11
* Bug Fixes
* [Change 335705](https://gerrit-review.googlesource.com/335705):
Fix bazel build on Mac M1 (aarch64)
* [Change 334762](https://gerrit-review.googlesource.com/334762):
Use original javax.servlet-api instead of tomcat's copy
* [Change 334299](https://gerrit-review.googlesource.com/334299):
Reject invalid queries with status code 400 on `POST /accounts/<account-identifier>/watched.projects`
* [Issue 14109](https://crbug.com/gerrit/14109):
Fix NPE with cherry pick REST-API onto an existing change in a different branch
* Dependency Updates
* Update rules_nodejs version to 5.1.0.
### 3.3.10
* Security Fixes
* [Change 333304](https://gerrit-review.googlesource.com/333304):
Ignore `--no-limit` query changes option for anonymous users
Prevent the use of `no-limit` option with query changes REST API.
The option can result in excessive resources usage make Gerrit subject
to DoS and DDoS by any remote endpoint without the need to have any
Gerrit account or signing in.
* Docker Images
* [Change 329639](https://gerrit-review.googlesource.com/329639):
CentOS 8 AppStream has disappeared: use AlmaLinux 8.5 as replacement for Gerrit image
* Bug Fixes
* [Issue 14945](https://crbug.com/gerrit/14945):
Account cache is not caching the access to the account data refs
Account cache in Gerrit v3.3 does not cache the access to the All-Users.git
repository because of the refactoring of the cache key, which requires lookup
of the All-Users.git refs. Gerrit allows now the refs in-memory caching using
the [cached-refs](https://gerrit.googlesource.com/modules/cached-refdb) libModule.
* [Issue 14912](https://crbug.com/gerrit/14912):
Fix lost watch notifications when attention-set-only is configured
* [Issue 15407](https://crbug.com/gerrit/15407):
MultiBaseLocalDiskRepositoryManager cannot be overloaded by libModules
Allow the replacement of multi-base git repositories through libModules, which
wasn't possible before. Allow to use multi-base git repositories with the
[multi-site](https://gerrit.googlesource.com/plugins/multi-site/) plugin and the
[cached-refs](https://gerrit.googlesource.com/modules/cached-refdb) libModule
* [Issue 15500](https://crbug.com/gerrit/15500):
Fix java.util.IllegalFormatArgumentIndexException on Java 17 in
MergeUtil#mergeWithConflicts
* [Issue 15590](https://crbug.com/gerrit/15590):
Fix SLF4J binding to Reload4J
Use Reload4J-specific binding for SLF4J, fixing the broken MDC
since the swap of Log4J with Reload4J done in
[Change 328081](https://gerrit-review.googlesource.com/c/gerrit/+/328081).
* [Change 330359](https://gerrit-review.googlesource.com/c/gerrit/+/330359):
Fix gerrit ls-members --recursive
Fix a regression introduced with
[Change 134334](https://gerrit-review.googlesource.com/c/gerrit/+/134334)
that caused it to ignore the --recursive flag.
* Documentation Fixes
* [Change 331361](https://gerrit-review.googlesource.com/c/gerrit/+/331361):
Fixup old references to Database in documentation
* [Change 331360](https://gerrit-review.googlesource.com/c/gerrit/+/331360):
Remove leftover receive.changeUpdateThreads references
* [Change 290603](https://gerrit-review.googlesource.com/c/gerrit/+/290603):
Fix gerrit ls-groups flag `-g` in documentation
* Other Fixes
* [Issue 15667](https://crbug.com/gerrit/15667):
Fix Zuul build with obsolete Python 3.5.
* Dependency Updates
* Update SLF4J version to 1.7.36.
* Replace Log4J with reload4j version 1.2.19.
### 3.3.9
* Security Fixes
* [Issue 15481](https://crbug.com/gerrit/15481):
Remove support for Elasticsearch versions vulnerable to [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
[Elasticsearch v7.16.2](https://www.elastic.co/guide/en/elasticsearch/reference/current/release-notes-7.16.2.html)
includes the fix for the Log4J v2 vulnerability CVE-2021-44228.
Remove support in Gerrit for all other vulnerable Elasticsearch versions and keep
compatibility with v7.16.2 only.
* [Change 325218](https://gerrit-review.googlesource.com/325218):
Show the bi-directional Unicode chars as red exclamation marks.
Bidirectional Unicode chars can be used to hack code base, as shown
in [Trojan Source web-site](https://trojansource.codes/).
Gerrit diff-view finds bidirectional unicode and shows them as red
exclamation marks.
* New Features
* [Change 325217](https://gerrit-review.googlesource.com/325217):
Soft hyphen are used in localization, show them similarly to tab indicator in diff-view.
* Reindexing performance improvements
* [Change 325417](https://gerrit-review.googlesource.com/325417):
Changes off-line reindex: schedule slices immediately
If a site has one huge repository and several small/medium sized repos,
then slice creation for the large repo will effectively block other
smaller repos from starting to reindex their changes. Schedule slices
without waiting for any other slice creation, providing up to 25%
performance improvement for large sites.
* Bug Fixes
* [Change 325299](https://gerrit-review.googlesource.com/325299):
Disable cache display stats when initializing new Gerrit sites, as not useful.
* Replication Plugin Fixes
* [Issue 15315](https://crbug.com/gerrit/15315):
Document in the replication plugin that remoteNameStyle might result in a names clashes
* [Issue 15318](https://crbug.com/gerrit/15318):
Document in the replication plugin that remoteNameStyle is for non-Gerrit remote repos
* Gitiles Plugin Fixes
* [Issue 15307](https://crbug.com/gerrit/15307):
Fix Bazel build on MacOS
* [Change 273397](hhttps://gerrit-review.googlesource.com/273397):
Load fonts directly from Gerrit instead of 3rd party domains
In environments without public Internet access or where tight control
of loaded resources is necessary, loading fonts from 3rd party domains
might be restricted. Use only the fonts included in the Gerrit war
distribution and domain.
### 3.3.8
* Breaking changes
* [Change 323855](https://gerrit-review.googlesource.com/323855) [Change 324115](https://gerrit-review.googlesource.com/324115):
ProjectCache#evict no longer triggers a reindex.
During offline project reindexing evict() was triggering a duplicate reindex
on the project when we only wanted to evict the project cache entry. This same
issue occurred with the HA plugin and could be/been present in other plugins.
If you have relied on a reindex being done on evict() you need to use
evictAndReindex() instead. This behavior is now consistent with other evict()
methods in Gerrit.
* New features
* [Change 324095](https://gerrit-review.googlesource.com/324095):
Display cache statistics after reindex operation.
Help analyzing the cache utilization during reindex command
and provide insight into sizing them for optimal performance.
* [Change 323786](ttps://gerrit-review.googlesource.com/323786):
Allow context-dependent group suggestions in gr-permission.
* Reindexing performance improvements
* [Change 322935](https://gerrit-review.googlesource.com/322935):
Fix buggy Index-Interactive Executor.
Fix index.threads when set to a negative value which was not using a
direct executor as mentioned in docs.
* [Change 323215](https://gerrit-review.googlesource.com/323215)
[Change 322296](https://gerrit-review.googlesource.com/322296):
Disable auto flushing during offline Lucene indexing.
* [Change 322835](https://gerrit-review.googlesource.com/322835):
Use thread count specified on offline reindex command line.
Honor the "--threads" command line option when provided instead of
batchThreads property from `gerrit.config`.
* [Change 323396](https://gerrit-review.googlesource.com/323396):
Avoid lucene index deletes during offline reindexing.
* [Change 324115](https://gerrit-review.googlesource.com/324115):
Avoid double indexing work during project reindexing.
* Bug Fixes
* [Issue 14963](https://crbug.com/gerrit/14963):
Fix /access REST APIs returning incorrect rule when group is duplicated for same rule.
* [Issue 14097](https://crbug.com/gerrit/14097):
Fix GC action not shown in project commands with Gerrit in multi-site configuration.
* [Issue 15293](https://crbug.com/gerrit/15293):
Fix fetch of group suggestions for projects with a `/` in their name.
* [Issue 15251](https://crbug.com/gerrit/15251):
Ensure that user without edit permission can't change plugin configuration.
* [Change 313561](https://gerrit-review.googlesource.com/313561):
Handle null account-ids when sending e-mails.
* [Change 307602](https://gerrit-review.googlesource.com/307602):
Fix NPE while accessing draft refs.
* [Change 307482](https://gerrit-review.googlesource.com/307482):
EqualsLabelPredicate: fix bug that prevents matching owner votes.
* [Change 323255](https://gerrit-review.googlesource.com/323255):
Skip creating slices for projects with no changes during changes off-line reindexing
so that empty slices are no longer included in the slice count.
### 3.3.7
* New Features
* [Issue 14895](https://bugs.chromium.org/p/gerrit/issues/detail?id=14895):
Support author:self and committer:self in change queries
It is possible to use `self` for searching own changes (for both author and
committer predicates).
* [Issue 14930](https://bugs.chromium.org/p/gerrit/issues/detail?id=14930):
Include `Command-Status` in the `httpd_log` and the `httpd_log.json`
Indicates the overall result of the GIT _command_ over HTTP.
Refer to the [docs](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.7/logs.html#_httpd_log)
for more details.
* Bug Fixes
* [Issue 9812](https://crbug.com/gerrit/9812) [Issue 7338](https://crbug.com/gerrit/7338):
Merge commit cannot be moved
If a merge was targetting branch A, but then it was decided to create
a new branch for this merge named B, which starts from A - The merge
is still valid for B, and the user has no way to move it without amending
and creating a new change.
* [Issue 15024](https://crbug.com/gerrit/15024):
Gerrit event json formatter produces inconsistent payload for different projects
AllProjectsName and AllUsersName were serialised as: {"name":"All-Projects"} and {"name":"All-Users"}
while all other projects were serialised as a JSON string. The different JSON
payloads were causing issues with the HA configuration using the
[high-availability plugin](https://gerrit.googlesource.com/plugins/high-availability).
* [Issue 14968](https://crbug.com/gerrit/14968):
PluginServletContext does not implement javax.servlet.ServletContext.getVirtualServerName()
Remove the noise on error_log of c.g.g.h.p.PluginServletContext does not implement
j.s.ServletContext.getVirtualServerName(), when running Gerrit on Tomcat 8.5.69.
### 3.3.6
* Security Fixes
* [Issue 14732](https://crbug.com/gerrit/14732):
Commits/IncludedIn exposes branch names without respecting the ACLs on branches
When calling the REST endpoint for listing all branches that a commit SHA1
is part of, the commit is properly checked for visibility against the ACLs
(it is a REST resource) but the branches are not checked.
The included-in may expose the list of non-visible branches to a user that
has visibility of the SHA1.
* [Issue 7282](https://crbug.com/gerrit/7282):
Hide repository name and description when user has no access
Gitiles did not respect Gerrit's permission and would show the repo name
and description to any user who could guess the name.
The repositories list as well as the content APIs were not affected.
* New Features
* Pop up accounts when typing within assignee or attention on the searchbar
* Add attention operator for auto-complete on the searchbar
* Bug Fixes
* [Issue 14726](https://crbug.com/gerrit/14726):
Make "conflicts" cache reentrant for preventing deadlocks with concurrent
cache loads of change conflicts computation.
* [Issue 14785](https://crbug.com/gerrit/14785):
Limit returned changes for a triplet without Change-Id
Fix a bug where invoking the REST-API /changes/repo~branch~ without
mentioning the change-id resulted in the full scan of all changes
on a repository/branch causing a high CPU overload and occupying
the request threads for a long time.
* [Issue 14776](https://crbug.com/gerrit/14776):
Prevent removing e-mail associated with OpenID external IDs
Gerrit prevents the user from removing the email address
associated with their OpenId account.
* [Issue 14872](https://crbug.com/gerrit/14872):
Disable setting cancelLeftPadding if avatars are not set in the config
* [Issue 13745](https://crbug.com/gerrit/13745)
[Issue 14173](https://crbug.com/gerrit/14173):
Firefox: fix suggested reviewers pop up instantly and not disappearing when out of focus
* [Change 312602](https://gerrit-review.googlesource.com/c/gerrit/+/312602):
Fix Mariadb status matching for AccountPatchReview
Mariadb connector uses SQLException.getSQLState() which returns the ANSI
SQLSTATE value, not the MariaDB/mysql error code.
Fix the removal of duplicate key detection when an already reviewed file
opened up again returned 500 because of the incorrect handling of SQLSTATE
value.
* [Change 312382](https://gerrit-review.googlesource.com/c/gerrit/+/312382):
Fix deleting edits when change is merged
Fix the support of deleting a change edit after it has been merged or
abandoned.
* [Change 313702](https://gerrit-review.googlesource.com/c/gerrit/+/313702):
Remove contenteditable="false" from within dragDropArea which caused issues with uploading
* Plugins Fixes
* [Change 314364](https://gerrit-review.googlesource.com/c/plugins/codemirror-editor/+/314364):
codemirror-editor: stop propagation for all keys but exempt the save button
This fixes an issue where if using contenteditable (default on mobile)
and you typed "/", it would get intercepted within the app.
* Dependency Updates
* Update CodeMirror to 5.62.2.
Fix an issue on mobile where typing causes the keyboard line to go out
of sync.
### 3.3.5
* Breaking Changes
* Elasticsearch: Support for [EOL versions](https://www.elastic.co/support/eol)
7.4 and 7.5 is discontinued, as they became EOL earlier this year.
* Bug Fixes
* [Issue 13955](https://crbug.com/gerrit/13955):
Safari 14.1 for Mac OS BigSur 11.3.1: Multi-line code comment broken.
* [Issue 14495](https://crbug.com/gerrit/14495):
SSH thread leak with authentication exception
A show-queue will show tasks in the Batch (or Interactive) queue hanging forever
as a consequence of a Git/HTTP thread ended because of an error.
* [Issue 14577](https://crbug.com/gerrit/14577):
Dedicated mergeable endpoint shouldn't be called if change.mergeabilityComputationBehavior
is set to API_REF_UPDATED_AND_CHANGE_REINDEX
* [Issue 14600](https://crbug.com/gerrit/14600):
Empty registered field on profile settings screen
* [Issue 14603](https://crbug.com/gerrit/14603):
Attention-set operations count towards change.maxUpdates limit.
* [Issue 14613](https://crbug.com/gerrit/14613):
Gerrit is killed before the gracefulStopTimeout
Avoids gerrit.sh killing the in-flight Git/HTTP just after 30 seconds regardless of
the `httpd.gracefulStopTimeout` configuration value.
* [Issue 14639](https://crbug.com/gerrit/14639):
Searching repositories by name is case-sensitive
Restore the correct project search that was case-insensitive in 2.16.27,
3.1.3 and 3.3.2.
* [Issue 14645](https://crbug.com/gerrit/14645):
Username to lowercase conversion fails with duplicates
Duplicated accounts names associated with the same account id was making
the conversion to lowercase fail.
* [JGit Issue 573791](https://bugs.eclipse.org/bugs/show_bug.cgi?id=573791):
Stale file handle raised when loading a collection of notes with a NoteMap over NFS
* [Change 307602](https://gerrit-review.googlesource.com/c/gerrit/+/307602):
Fix NPE while accessing draft refs
* [Change 307482](https://gerrit-review.googlesource.com/c/gerrit/+/307482):
EqualsLabelPredicate: fix bug that prevents matching owner votes
* Dependency Updates
* Update JGit to 24d6d605388c82201092cf1699b51095299380a2.
* Update highlightjs version to 10.7.2.
### 3.3.4
* Bug Fixes
* [Issue 13721](https://crbug.com/gerrit/13721):
Don't serve polygerrit assets for git requests
After migration to Polymer UI, PolyGerrit static resources are mounted at
the root of the gerrit URL, and would collide with project namespaces, so that
the project with these prefixes cannot be served with Git over HTTP protocol.
* Fix `EqualsLabelPredicate` to not fail when calling match() from a plugin
Calling `match()` on the `EqualsLabelPredicate` returned from
`ChangeQueryBuilder.parse()` in a plugin fails when in the context of an
HTTP query.
* Fix registration redirect on OpenID
* Log when a new SSH connection is rejected due to exceeded limit
When the `sshd.maxConnectionsPerUser` got exceeded for a user, new
connections from that user were rejected but no log entry was reported.
* [Issue 14127](https://crbug.com/gerrit/14127):
Fix binding of DELETE REST calls from plugins.
The processing of the DELETE request actually never reached the
delete-project plugin due to bug in the RestApiServlet which wrongly
delegated the request to a child collection in Gerrit core.
* [Issue 13140](https://crbug.com/gerrit/13140):
OpenID: Remove support for Yahoo! OpenID provider.
Yahoo! discontinued support for OpenID provider:
"OpenID2 will be EOLed on 6/30/20"
* [Issue 14246](https://crbug.com/gerrit/14246):
Creation of internal account does not respect `auth.userNameToLowerCase`.
The CreateAccount SSH command and REST API was able to create accounts
with usernames that contained uppercase letters even if
`auth.userNameToLowerCase` was set to true.
* [Issue 14490](https://crbug.com/gerrit/14490):
Missing LDAP metrics for authentication.
Expose the LDAP metrics in terms of latency and call rates so that any
problem can be highlighted early on and potentially alerted to the Gerrit
admin.
* [Issue 14497](https://crbug.com/gerrit/14497):
Git/HTTP traffic overloads LDAP with duplicate authentication requests.
When authenticating incoming Git calls over HTTP the BasicAuth filter was
called 3 times per call triggering multiple authentications against the
backend.
* [Issue 14508](https://crbug.com/gerrit/14508):
Allow GerritAccount Cookie authentication for Git/HTTP.
Allow to create a Gerrit session from the GerritAccount cookie set on the
Git client, so that only the first HTTP call will actually authenticate
and create a session whilst all the others would just reuse the existing
cookie.
* [Issue 14553](https://crbug.com/gerrit/14553):
Gerrit REST-API fails when using /a/ prefix and cookies
Recent fix to support GerritAccount Cookie authentication for Git/HTTP
broke existing Python (or other) scripting when performing automation with
Gerrit REST-API. That is due to the generation of the GerritAccount cookie
in the HTTP response, which Python automatically manages to reuse in
subsequent calls.
* [Issue 11142](https://crbug.com/gerrit/11142):
ssh to gerrit with no args requires standard input to terminate.
* [JGit Issue 552173](https://bugs.eclipse.org/bugs/show_bug.cgi?id=552173)
Too many open files when fetching repos with lots of refs
JGit update fixes "Too many open files" errors.
* Dependency Updates
* Update JGit to 73f8acdc5c97e068143c86765995c4fb6923ee91.
### 3.3.3
* New Features
* [Issue 12970](https://bugs.chromium.org/p/gerrit/issues/detail?id=12970):
Support of patterns to filter input on Browse -> Repositories page (e.g.`a/*/b`)
* [Issue 14004](https://bugs.chromium.org/p/gerrit/issues/detail?id=14004):
Introduce [`gerrit.installBatchModule`](http://gerrit-documentation.storage.googleapis.com/Documentation/3.3.3/config-gerrit.html#gerrit.installBatchModule)
in `gerrit.config` to be used during Gerrit init step.
* [Issue 14091](https://bugs.chromium.org/p/gerrit/issues/detail?id=14091):
Support the highlighting of LaTeX files with .tex extension.
* Breaking Changes
* Elasticsearch: Support for [EOL versions](https://www.elastic.co/support/eol)
7.2 and 7.3 is discontinued. Both elasticsearch versions became EOL recently.
* [Issue 13931](https://bugs.chromium.org/p/gerrit/issues/detail?id=13931):
Disallow editing the Change-Id during inline edits.
* Bug Fixes
* [Issue 12443](https://bugs.chromium.org/p/gerrit/issues/detail?id=12443):
Stop generating continuous "logging context is not empty" in error_log.
* [Issue 12847](https://bugs.chromium.org/p/gerrit/issues/detail?id=12847)
[Issue 12862](https://bugs.chromium.org/p/gerrit/issues/detail?id=12862):
Fix NPE on trying to send email for user without email address.
* [Issue 13899](https://bugs.chromium.org/p/gerrit/issues/detail?id=13899):
Shows reviewers column in the user's open changes dashboard.
* [Issue 14097](https://bugs.chromium.org/p/gerrit/issues/detail?id=14097):
Allow enabling of Git GC button for non-local Git repository managers, such
as multi-site repositories.
* [Issue 14117](https://bugs.chromium.org/p/gerrit/issues/detail?id=14117):
Do not suggest service users as reviewers on changes.
* [Issue 14118](https://bugs.chromium.org/p/gerrit/issues/detail?id=14118):
Quota management: enforce repository size on pack rather than on object.
* [Issue 14193](https://bugs.chromium.org/p/gerrit/issues/detail?id=14193):
Ensure InternalUser can parse groups.
* PolyGerrit Fixes
* [Issue 14035](https://bugs.chromium.org/p/gerrit/issues/detail?id=14035):
Change --gr-formatted-text-prose-max-width from 80ch to 120ch.
* [Issue 14036](https://bugs.chromium.org/p/gerrit/issues/detail?id=14036):
Fix multiline range commenting in Firefox.
* [Issue 14104](https://bugs.chromium.org/p/gerrit/issues/detail?id=14104):
Decorate the number line element of a blank side, otherwise it won't be affected
by the "hide-left" action to hide one side of the diff.
* [Issue 14127](https://bugs.chromium.org/p/gerrit/issues/detail?id=14127):
Fix binding of DELETE REST calls from plugins which impacted the ability the delete
projects using the delete-project plugin.
* [Issue 14257](https://bugs.chromium.org/p/gerrit/issues/detail?id=14257):
Fix empty TopMenu drop down list.
* Documentation updates
* Align the recommended buildifier version to v4.0, the same used in the CI.
* Development guidelines: mention that Optional in arguments is discouraged
(use @Nullable instead) but may be used as return type.
* New configuration setting [`suggest.skipServiceUsers`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.3/config-gerrit.html#suggest.skipServiceUsers)
for preventing the suggestion of service users as reviewers.
* New configuration setting [`gerrit.installBatchModule`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.3.3/config-gerrit.html#gerrit.installBatchModule)
for adding additional Guice modules to Gerrit init command.
* Remove the now obsolete section about Java configuration for Strong Cryptography.
* Dependency Updates
* Update highlight.js to 10.6.0.
### 3.3.2
* New Features
* Add change query option allowing administrators to skip visibility filtering.
Add a new REST-API change query option "skip-visibility" to allow administrators
to skip visibility filtering.
* Security Fixes
* [Issue 13858](https://bugs.chromium.org/p/gerrit/issues/detail?id=13858)
[CVE-2021-22553](https://nvd.nist.gov/vuln/detail/CVE-2021-22553):
Fixed memory leak in Git-over-HTTP requests.
Unauthenticated users could exploit this problem in a Denial of Service attack,
causing the server to go out-of-memory.
* PolyGerrit Fixes
* [Issue 11811](https://bugs.chromium.org/p/gerrit/issues/detail?id=11811):
Fix comments on partial text selection on Safari.
* [Issue 13870](https://bugs.chromium.org/p/gerrit/issues/detail?id=13870):
Polygerrit: Remove license headers in minified gr-app.js.
* Replication plugin fixes
* Don't check read permission when authgroup isn't set.
Do not check for read permission when authGroup is not set since
the user is a RemoteSiteUser that is-an InternalUser having
read access to everything. This fixes a regression introduced in v3.1.10
that prevented the All-Users.git repository to be fully replicated to
Gerrit replicas.
* Bug Fixes
* [Issue 13803](https://bugs.chromium.org/p/gerrit/issues/detail?id=13803):
Limit number of ambiguous accounts in error message.
Don't list more than 3 ambiguous accounts in error message of
UnresolvableAccountException in order to prevent flooding the log and
displaying a lot of sensitive account data in an error dialog.
* [Issue 13936](https://bugs.chromium.org/p/gerrit/issues/detail?id=13936):
Fix badly formatted error message shown in error dialog.
* [Issue 13884](https://bugs.chromium.org/p/gerrit/issues/detail?id=13884):
Fix 'is:submittable' query on multiple submit records.
* Dependency Updates
* Update highlight.js to 10.5.0.
* Update codemirror-minified to 5.59.1.
* Update Jetty to 9.4.35.v20201120.
* Downgrade soy-template to 2019-10-08.
### 3.3.1
* Breaking changes
* Elasticsearch: support for [EOL version](https://www.elastic.co/support/eol)
6.8 is discontinued. This was the last supported minor version of
Elasticsearch 6 in Gerrit. From this release, Gerrit no longer supports V6
but only the already supported versions 7.x of Elasticsearch.
* Speaking of which, support for 7.0 and 7.1 is discontinued too, as both
elasticsearch versions also became [EOL](https://www.elastic.co/support/eol)
recently.
* Security Fixes
* [Issue 12629](https://bugs.chromium.org/p/gerrit/issues/detail?id=12629):
Verify hostname when sending emails via SMTP server with SMTPSClient.
The SMTP server's certificate and hostname must be verified if
encryption is enabled with SSL verification in the host settings
(`sendemail.smtpEncryption` and `sendemail.sslVerify`).
* PolyGerrit Fixes
* Remove requesting DETAILED_LABELS for the dashboard.
* [Issue 13785](https://bugs.chromium.org/p/gerrit/issues/detail?id=13785)
Add z-index to gr-main-header to avoid the box shadows being hidden behind the content.
* Bug Fixes
* [Issue 13544](https://bugs.chromium.org/p/gerrit/issues/detail?id=13544)
Ensure that GC#deleteOrphans respects pack lock:
If pack or index files are guarded by a pack lock (.keep file)
deleteOrphans() should not touch the respective files protected by the
lock file.
* [Issue 13775](https://bugs.chromium.org/p/gerrit/issues/detail?id=13775)
Honor `toogleWipState` permission for `%ready` `%wip` push options:
* [Issue 13781](https://bugs.chromium.org/p/gerrit/issues/detail?id=13781)
Compact the REST-API output JSON unconditionally:
The output JSON was initially compacted only when
the Accept header was set to `application/json`: the compaction is now
done unconditionally, unless the `pp=1` query parameter is specified.
* [Issue 13786](https://bugs.chromium.org/p/gerrit/issues/detail?id=13786)
ForRef#check should permit internal users to read all refs:
[Make `PermissionBackend#ForRef` authoritative change](https://gerrit-review.googlesource.com/c/gerrit/+/288925)
introduced a regression where gerrit `internal users` (e.g. plugins) were
not taken into consideration when checking READ permission. As consequence
the `All-Users.git` repository did not get any of the user's refs replicated
to the slaves. After the upgrade it is required to trigger a forced replication
of the `All-Users.git` repository manually.
* Avoid logging ssh exception for __stream is already closed__ when length=0
if present in the stacktrace.
* Adapt Bazel/RBE build to produce Java 11 language level.
* Make UI experiments configurable from gerrit.config.
Allows users who upgrade Gerrit to make use of experimental features or
temporarily revert to previous behavior in case the new behavior breaks them
(e.g. turn off patch-set-level comments in 3.3 which breaks some CI workflows).
* [Issue 13800](https://bugs.chromium.org/p/gerrit/issues/detail?id=13800)
Expose patch set level comment in stream event.
* Documentation Updates
* Clarify that 'm' push option sets patch set description.
* Clarify that disk cache metrics require `cache.enableDiskStatMetrics`.
* Dependency Updates
* Upgrade commons-io to 2.4.
* Upgrade testcontainers to 1.15.1.