Google Git
Sign in
gerrit / homepage / 82de29e377cde01b450de488657b2ebc0dfdd019 / . / pages / site / releases / 3.7.md
blob: 8d37e2f7b2b6956c45ec10b6f273a63eb5bf5c34 [file] [log] [blame] [view]
---
title: "Gerrit 3.7.0"
permalink: 3.7.html
hide_sidebar: true
hide_navtoggle: true
toc: true
---
Download: **[3.7.6](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.6.war)**
| [3.7.5](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.5.war)
| [3.7.4](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.4.war)
| [3.7.3](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.3.war)
| [3.7.2](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.2.war)
| [3.7.1](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.1.war)
| [3.7.0](https://gerrit-releases.storage.googleapis.com/gerrit-3.7.0.war)
Documentation: **[3.7.6](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.6/index.html)**
| [3.7.5](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.5/index.html)
| [3.7.4](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.4/index.html)
| [3.7.3](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.3/index.html)
| [3.7.2](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.2/index.html)
| [3.7.1](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.1/index.html)
| [3.7.0](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.0/index.html)
## Release highlights
### UI mostly migrated to [Lit](https://lit.dev/)
Gerrit UI is mostly migrated to Lit, with a
[few exceptions for certain modules](https://github.com/GerritCodeReview/gerrit/search?q=polymer).
### Mention @user support
Users can be mentioned in comments using the `@<user>` notation and select the matching
accounts. Mentioning users automatically add them in CC and send e-mail notification to
get their attention.
This feature can be enabled in `gerrit.config` by adding this configuration:
```sh
[experiments]
enabled = UiFeature__mention_users
```
### Full markdown support in comments
Comments and checks accept and render the full markdown syntax, allowing richer
interaction and communication between authors and reviewers. This follows the
CommonMark spec, except inline images and direct HTML are not rendered and kept
as plaintext. No markdown rendering is done in the commit message.
### Bulk actions on search results and dashboard
Apply a change action to an entire group of changes all at once right from the
search page or your dashboard. Simply select all the changes, click your action,
and fill out the details on the dialog. Currently supported actions are:
- Add Reviewer or CC
- Add Topic
- Add Hashtag
- Vote (excluding Code-Review)
### Auto theme mode
The theme is automatically changed to light/dark based on your OS preference. You can change the
theme in users preferences.
### Copy links
The copy links are in the dropdown next to the change number with keyboard shortcuts or a button
to quickly copy the format that you prefer to link change.
### Import Projects' Changes from other Gerrit servers
Gerrit can read and render Changes coming from Projects copied from other servers having
different server-ids and account-ids.
This allows the Gerrit administrators to move projects and changes across servers with
a compatible NoteDb structure and having the change meta-data parsed and reindexed in
Gerrit.
> NOTE: Only the changes can be imported and reindexed in Gerrit, following the account
> reverse lookup association using the new `imported` external-ids. Groups, ACLs and project
> hierarchy and Prolog rules (aka `refs/meta/config`) may not be imported out of the box
> and still require the Gerrit administrator to copy and adapt them manually.
At high-level, the process consists of:
1. Configure the [`gerrit.importedServerId`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.0/config-gerrit.html#gerrit.importedServerId)
with the values of the [`gerrit.serverId`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.0/config-gerrit.html#gerrit.serverId)
of the Gerrit servers from the project changes to be imported originate from.
2. Identify the accounts involved in the project changes to import and create
the corresponding [`imported` external-ids]() in the `All-Users.git` repository.
Example of how to add the external-id `imported:1000002@59a4964e-6376-4ed9-beef-123bd9217df8`
to the account-id `1000001`:
```
$ EXT_ID=imported:1000002@59a4964e-6376-4ed9-beef-123bd9217df8
$ EXT_ID_NOTE=$(echo -n $EXT_ID | shasum | awk '{print $1}')
$ git clone $GERRIT_SITE/git/All-Users.git && cd All-Users
$ git fetch origin refs/meta/external-ids && git checkout FETCH_HEAD
$ echo -e '[externalId "'$EXT_ID'"]\n\taccountId = 1000001' > $EXT_ID_NOTE
$ git commit -am "Added $EXT_ID"
$ git push origin HEAD:refs/meta/external-ids
```
3. Create the destination project of the import in Gerrit
4. Push the changes under `refs/changes/*` from the source Gerrit into the newly created
destination project.
5. Reindex all imported changes, either online with
[`gerrit index changes`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.0/cmd-index-changes.html)
or offline with the [`java -jar gerrit.war reindex`](https://gerrit-documentation.storage.googleapis.com/Documentation/3.7.0/pgm-reindex.html)
commands.
The overall process has been described in detail and live demoed during the
[Gerrit User Summit 2022](https://gerrit.googlesource.com/summit/2022/+/refs/heads/master/sessions/import-gerrit-projects-across-servers.md).
### New command to check project access for other users
Gerrit admins can verify the ACLs of projects for individual users using the new
`gerrit check-project-access` SSH command.
## Important notes
### Schema and index changes
This release contain changes to the schema which is upgraded to version 185; also all indexes
have been upgraded.
### Offline upgrade
Download the gerrit.war and run the `init` and then `reindex` program:
```sh
java -jar gerrit.war init -d site_path
java -jar gerrit.war reindex -d site_path
```
### Online upgrade with zero-downtime
Gerrit v3.7.x supports zero-downtime upgrade from Gerrit v3.6.3 or later when
configured using a [high-availability configuration](https://gerrit.googlesource.com/plugins/high-availability/+/refs/heads/master/README.md),
and the Git repositories are stored in a shared filesystem such as NFS or
similar.
> NOTE: Gerrit versions older than v3.6.0 would require an offline upgrade.
During the zero-downtime upgrade, Gerrit end-users would not notice any outage
or service disruption. They will be able to perform any read/write Gerrit
operation on the GUI or using using any API.
The zero-downtime upgrade consists of the following steps:
1. Have Gerrit servers running v3.6.3 or later, in high-availability
configuration, healthy and able to handle the incoming traffic properly.
2. Set `gerrit.experimentalRollingUpgrade` to `true` in `gerrit.config` on both Gerrit masters.
3. Set the Gerrit server unhealthy.
4. Shutdown the Gerrit server, update gerrit.war and plugins to v3.7.x and start
Gerrit again.
5. Verify that the Gerrit server is working properly (e.g. run automated smoke
tests) and then make it healthy again.
6. Wait for the Gerrit server to start serving traffic normally.
7. Repeat steps 3. to 6. for all the other Gerrit servers.
8. Remove `gerrit.experimentalRollingUpgrade` from `gerrit.config` on both Gerrit masters.
### Downgrade
Downgrade to Gerrit v3.6.x release is possible, but requires the following manual steps:
1. Shutdown a migrated Gerrit v3.7.x server
2. Downgrade the All-Projects.git version (refname: `refs/meta/version`) to `184`:
``` sh
git update-ref refs/meta/version $(echo -n 184|git hash-object -w --stdin)
```
See [git hash-object](https://git-scm.com/docs/git-hash-object) and
[git update-ref](https://git-scm.com/docs/git-update-ref).
> NOTE: The migration of the __label config to copy-condition__ performed in v3.7.x init
> step is idempotent and can be run many times. Also v3.6.x supports the copy-condition and
> therefore the migration does not need to be downgraded.
3. Run Gerrit v3.6.x init, downgrading all plugins, and run the off-line reindex
```sh
java -jar gerrit-3.6.x.war init -d site_path
java -jar gerrit-3.6.x.war reindex -d site_path
```
4. Start Gerrit v3.6.x server
### Native packaging
* GerritForge RPM repository updated for arm64 architecture
[GerritForge RPM v1.4](https://gerritforge.com/gerritforge-repo-1-4.noarch.rpm)
has been released, including the native packages for arm64 architecutre.
* [gerrit:3.7.0-almalinux8](https://hub.docker.com/r/gerritcodereview/gerrit/tags?page=1&name=3.7.0-almalinux8)
OS base image upgraded to [AlmaLinux 8.6](https://wiki.almalinux.org/release-notes/8.6.html)
* DockerHub images for arm64 architecture
[DockerHub Gerrit images](https://hub.docker.com/r/gerritcodereview/gerrit/tags?page=1&name=3.7.0)
include images for arm64 architecture.
### Update gerrit.reportBugUrl configuration
The issues of the Gerrit Code Review project have been migrated from
Monorail into the new Gerrit Tracker, see announcement at:
https://groups.google.com/g/repo-discuss/c/F4havFh_Bvw/m/D5MsV17yAgAJ
If the [gerrit.reportBugUrl](https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#gerrit.reportBugUrl)
setting on your Gerrit server is pointing to the Gerrit Monorail project, which
is deprecated now, please update the URL to point to the new Gerrit Tracker,
e.g. change https://bugs.chromium.org/p/gerrit/issues/entry?template=Bug+Report
to https://issues.gerritcodereview.com/issues/new.
### Breaking changes
* [Change 335625](https://gerrit-review.googlesource.com/335625):
ThreadMXBeanSun: Use getCurrentThreadAllocatedBytes() method
Used Bazel version is shipping latest release of JDK 11, that contains this method.
The `getCurrentThreadAllocatedBytes()` method is provided from JDK versions
>= 11.0.10.
Make sure you are running JDK versions >= 11.0.10 when upgrading to 3.7.
* [Change 343774](https://gerrit-review.googlesource.com/343774):
Delete ignored state of changes and 'star:' queries
The query predicates `star:ignored`, `is:ignored` and `star:star` are not supported
anymore. The latter is identical to 'is:starred' or 'has:star'.
* [Change 334467](https://gerrit-review.googlesource.com/334467):
Removed support for deprecated approval config fields in label configs
The boolean flags in label configurations to control approval copying,
as well as the copyValue settings, was previously deprecated and now completely
removed in flavor of the new copyCondition setting that allows to express the
copy conditions as a query.
* [Change 337456](https://gerrit-review.googlesource.com/337456):
Ban new modifications to label functions in favour of submit requirements
* [Issue 15784](https://crbug.com/gerrit/15784):
New project `head updated` event in the stream events
* [Issue 11686](https://crbug.com/gerrit/11686):
Discontinue support for legacy numeric types in Lucene
In Lucene the implementation switched from integer id to string id and now
all the old code is removed. Three different index implementations
are affected:
* changes
* account
* groups
* [Change 334325](https://gerrit-review.googlesource.com/334325):
Migrated label definitions to use copy conditions instead of deprecated fields
The boolean flags in label configurations to control approval copying,
as well as the copyValue settings, have been deprecated in favor of the
new copyCondition setting that allows to express the copy conditions as
a query. The newly added schema version migrates the deprecated fields to copy
conditions.
**NOTE**: Because of this breaking change, downgrading to Gerrit v3.6.x is
not possible out of the box.
* [Issue 15941](https://crbug.com/gerrit/15941):
Fix SSH queries to not show commit-message unless --commit-message is provided
This issue has existed for several years and should be considered
breaking as users might expect commit message to be included by
default in SSH query results.
Obtaining the commit message is a costly operation as the commit
data has to be loaded. So, showing it even when --commit-message
is not provided degrades the performance of SSH queries.
* [Change 336297](https://gerrit-review.googlesource.com/336297):
Recognize lower case operators in search
Previously, we only recognized AND, OR and NOT as boolean
operators. This seems overly strict as users might
unintentionally use the lower case variants.
### Indexing improvements
* [Change 343798](https://gerrit-review.googlesource.com/343798):
Introduce `index.pageSizeMultiplier` configuration to paginate index
queries with increasing size
* [Change 343694](https://gerrit-review.googlesource.com/343694):
Improve performance of queries that check the visibility of changes for
a non-current user
* [Change 343096](https://gerrit-review.googlesource.com/343096):
Introduce `index.paginationType=SEARCH_AFTER` configuration for speeding up
query pagination
* [Change 349694](https://gerrit-review.googlesource.com/349694):
Improve performance of parentof operator by two orders of magnitude
* [Change 345634](https://gerrit-review.googlesource.com/345634):
Paginate internal change index queries, as index backends such as Lucene
and Elasticsearch are known to degrade with a high limit
### Performance fixes
* [Change 338154](https://gerrit-review.googlesource.com/338154):
Lazy load change notes when submit by push
Improves performance of change submit via push
* [Change 338574](https://gerrit-review.googlesource.com/338574):
Cache ProjectControl instances in SSH queries
A PerThreadCache is used to cache ProjectControl instances to
improve SSH query performance.
* [Change 338614](https://gerrit-review.googlesource.com/338614)
Optimize SSH queries to avoid loading individual accounts
This improves performance of SSH queries.
* [Change 338834](https://gerrit-review.googlesource.com/338834):
Avoid creating an IdentifiedUser multiple times in a SSH query
This improves performance of SSH queries.
* [Change 339795](https://gerrit-review.googlesource.com/339795):
Improve performance of the create branch REST API when the repository
contains over one million refs
* [Issue 16284](https://crbug.com/gerrit/16284):
Fix performance issues with git-upload-pack on repositories with a large number
of changes
### Other changes
* [Change 346979](https://gerrit-review.googlesource.com/346979):
Add ability to specify prefix, suffix and text fields for commentLinks of type `link`
* [Change 346854](https://gerrit-review.googlesource.com/346854):
Update change.maxPatchSets value from 1500 to 1000
* [Change 345229](https://gerrit-review.googlesource.com/345229):
Support bulk actions on dashboard and search pages
* [Change 337434](https://gerrit-review.googlesource.com/337434):
New REST API for previewing fix from the request body to a patch set
The newly added API `fix:preview` previewes fix(es) provided as part
of a POST request body. `ApplyProvidedFixInput` holds the fix(es).
This flow is suitable when a frontend plugin shows fix(es) that it is
suggesting on the UI and that the user can accept.
* [Change 339788](https://gerrit-review.googlesource.com/339788):
Allow testing submit requirements using a pending change to the refs/meta/config branch
Admins can then test their SRs using the following workflow:
1. Upload a pending change to the refs/meta/config branch.
2. Test it immediately on any change using:
`curl -X POST https://<gerrit-url>/changes/<change_to_test>/check.submit_requirement?sr-name=Foo&refs-config-change-id=$id`
* [Change 336715](https://gerrit-review.googlesource.com/336715):
Disallow index updates that both add and remove fields
A new version may only add or remove fields, but not both. The type of
existing fields may not be changed.
* [Change 341454](https://gerrit-review.googlesource.com/341454):
Allow using GitWeb with multi-site and cached-refdb
* [Change 307349](https://gerrit-review.googlesource.com/307349):
Add change REST endpoints to create and retrieve submit requirements.
* [Change 307352](https://gerrit-review.googlesource.com/307352):
Add a REST endpoint to delete submit requirements
* [Change 307351](https://gerrit-review.googlesource.com/307351):
Add a REST endpoint to list submit requirements in a project.
* [Change ](https://gerrit-review.googlesource.com/):
New REST API for applying a fix from the request body to a patch set
* [Change 339555](https://gerrit-review.googlesource.com/339555):
The commit-msg hook ignores fixup and squash commits now.
Fixup and squash commits will inherit the Change-id of the commit they
are squashed into.
* [Issue 10168](https://crbug.com/gerrit/10168):
Fix broken links to Gitweb lightweight tags
* [Issue 12546](https://crbug.com/gerrit/12546):
In commit-msg hook, the Change-Id is now inserted before any Signed-off-by
* [Issue 13930](https://crbug.com/gerrit/13930):
Support ssh kex server-sig-algs for modern clients, like OpenSSH 8.8
* [Issue 15194](https://crbug.com/gerrit/15194):
Define new event containing all refs updated in a single operation
* [Issue 15664](https://crbug.com/gerrit/15664):
Disallow truncating the Change-Id across patch-sets
* [Issue 15997](https://crbug.com/gerrit/15664):
Make DelegateRepository#delegate() method public
* [Issue 16182](https://crbug.com/gerrit/16182):
Display the change's Change-Id underneath the commit message when not present in the commit message
* [Issue 16263](https://crbug.com/gerrit/16263):
Disallow js in comment links
* [Issue 16322](https://crbug.com/gerrit/16322):
Limit the number of changes that can be submitted at once
* [Issue 16354](https://crbug.com/gerrit/16354):
Fix change screen errors when trying to load an invalid project with an exixting change number
* [Change 338680](https://gerrit-review.googlesource.com/338680):
Included copied/outdated votes in change message on patch set creation
Include copied and outdated approvals into the change message that is
posted on patch set creation. This allows users to find the copied/outdated
approvals for each patch set in the change log.
* [Change 337968](https://gerrit-review.googlesource.com/337968):
Copy approvals that are applied on outdated patch sets to follow-up patch sets if copyable
Copying approvals that are applied on outdated patch sets to follow-up
patch sets make the life easier for CIs, e.g.:
1. CI is triggered on PS X
2. While the CI is running, PS X+1 which only modified the commit
message is uploaded
3. CI finishes on votes Verified+1 on the outdated PS X
* [Change 336712](https://gerrit-review.googlesource.com/336712):
Included outdated approvals in push output when pushing a new patch set
* [Change 336414](https://gerrit-review.googlesource.com/336414):
Included unsatisfied SRs into new patch set email when change becomes unsubmittable
When a change becomes unsubmittable users want to know which submit
requirements are no longer satisfied.
* [Change ](https://gerrit-review.googlesource.com/):
Support deletion of missing changes from the index
If a change is not found, and the "delete_missing" option is set to
"true", then try to delete it from the index.
* [Change 336134](https://gerrit-review.googlesource.com/336134):
gerrit.sh: add --debug option, start JVM in debug mode
* [Change 335754](https://gerrit-review.googlesource.com/335754):
Approver is added to the attention set when their approval is not copied
If a user applied an approval on a change and this approval gets
outdated and removed when a new patch set is uploaded (i.e. the approval
is not copied to the new patch set) then this user is added to the
attention set now. This is to signal that this user should re-review the
change and renew their approval.
* [Change 330407](https://gerrit-review.googlesource.com/330407):
Added the value "NOT_EVALUATED" to the SubmitRequirementExpressionInfo in the Change API and in NoteDb.
* [Change 349314](https://gerrit-review.googlesource.com/349314):
Fixed change reindex with label copyCondition containing group
## Plugin changes
## Gerrit UI changes
* [Change 346077](https://gerrit-review.googlesource.com/346077):
Added "Your > All Visible Changes" default query
Add a new entry to the "Your" menu which queries "is:visible" which,
is the query for viewing all changes.
* [Change 345136](https://gerrit-review.googlesource.com/345136):
Remove redundant/unhelpful ARIA labels from diff tables
* [Change 344914](https://gerrit-review.googlesource.com/344914):
Fix freezing in Safari when adding comments
* [Change ](https://gerrit-review.googlesource.com/):
New user setting for theme. New default - Auto - shows dark or light theme
based on OS theme preference. User can change new default in settings
Switching theme is now reactive - listening to OS theme preference
changes or on user changing user preferences.
* [Change 337421](https://gerrit-review.googlesource.com/337421):
Introduce Auto Dark/Light Theme based on OS preference
Introducing a new default mode - Auto. This will dynamically change
theme based on OS preferences. Mac OS has Auto mode, that switch
to dark mode in evening. With this change Gerrit can have dark theme
in evening and light them during day.
* [Change 343605](https://gerrit-review.googlesource.com/343605):
Make the file list easier to understand at a glance
Folders that match the previous file are colored gray, folders that
do not match are black, and the file name it self is blue.
* [Change 340970](https://gerrit-review.googlesource.com/340970):
Start using material icons
* [Issue 14526](https://crbug.com/gerrit/14526):
Allow to rebase changes with conflicts in the UI
## Documentation changes
* [Change 337097](https://gerrit-review.googlesource.com/337097):
Contribution Documentation updated for grammar
A few updates to the contribution documentation for developers:
- Minor grammatical errors and restructuring sentences.
- Removing a duplicated paragraph regarding incomplete features.
- Changes in verb tense ('has' to 'is' where appropriate)
## End-to-End tests changes
* [Change 335394](https://gerrit-review.googlesource.com/335394):
Added property authenticated to e2e-tests
This property let you use authenticated HTTP clones with the e2e-tests.
## JGit changes
* Update jgit to 2021ce342, improves UploadPack and git blame performance for large merge commits, also correctly report errors for UploadPack.
## Other dependency changes
* Update Lucene version to 7.7.3
## Bugfix releases
### 3.7.6
* Breaking Changes
* [Change 383334](https://gerrit-review.googlesource.com/c/gerrit/+/387435):
`refreshAfterWrite` and `maxAge` settings in gerrit config are now honored for both persistent and in-memory caches.
Previously these settings were erroneously ignored for persistent caches.
If you rely on them for persistent caches you should be aware they will be
honoured now.
* New Features
* [Change 383334](https://gerrit-review.googlesource.com/c/gerrit/+/383334):
Allow to set gerrit.instanceID from java system property
In environments where Gerrit is scaled automatically and which use
the same static configuration for all instances, e.g. in Kubernetes,
setting instance specific configuration in the config file is a
cumbersome process. Instance ID can also be set using the `gerrit.instanceId`
Java system property, which will override the instance ID in `gerrit.config`.
* [Change 377699](https://gerrit-review.googlesource.com/c/gerrit/+/377699):
Allow generating safe local-only documentation, without reference to external fonts in CSS
* [Change 390658](https://gerrit-review.googlesource.com/c/gerrit/+/390658):
Allow disable Prolog rules evaluation on closed changes
* [Change 390614](https://gerrit-review.googlesource.com/c/gerrit/+/390614):
Allow uploading changes to group refs except changes to group files
* [Change 389055](https://gerrit-review.googlesource.com/c/gerrit/+/389055):
Allow operator aliases to be used in submit requirement expressions
* [Change 386974](https://gerrit-review.googlesource.com/c/gerrit/+/386974):
SSH set-reviewers cmd now handles lock failures with retries
* Performance Fixes
* [Change 376094](https://gerrit-review.googlesource.com/c/gerrit/+/376094):
Introduce new cache `changes_by_project` to speedup git ref advertisements on replica and git-receive-pack on primary
* [Change 377814](https://gerrit-review.googlesource.com/c/gerrit/+/377814):
Skip building bloom filters by default speeding up offline reindex
* Security Fixes
* [Change 389374](https://gerrit-review.googlesource.com/c/gerrit/+/389374):
Update Jetty to 9.4.53.v20231009 with critical security fixes [CVE-2023-36478](https://nvd.nist.gov/vuln/detail/CVE-2023-36478) and [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)
* Bug Fixes
* [Change 394435](https://gerrit-review.googlesource.com/c/gerrit/+/394435):
Support listing of patch-set files also for imported changes from other Gerrit servers-ids
* [Issue 301481564](https://issues.gerritcodereview.com/issues/301481564):
Fix the repository configuration screen remainign stale when switching tabs
* [Issue 40014568](https://issues.gerritcodereview.com/issues/40014568):
Fix ref-updated stream events consistency for change edits
* [Issue 304335624](https://issues.gerritcodereview.com/issues/304335624):
Fix the changing preferred email resulting in duplicate emails set in cache
* [Change 388054](https://gerrit-review.googlesource.com/c/gerrit/+/388054):
Eliminated startup warning for plugins whose SshModule only provides Ssh\*CommandInterceptors
* [Change 387217](https://gerrit-review.googlesource.com/c/gerrit/+/387217):
Fixed case where an exception in change visibility checking could break visibility of all refs in that repo
* [Change 387055](https://gerrit-review.googlesource.com/c/gerrit/+/387055):
Fix SSH set-topic cmd to consider 'editTopicName' permission
* [Issue 291102119](https://issues.gerritcodereview.com/issues/291102119)
Avoid NullPointerException when deleting a single ref
* [Change 387216](https://gerrit-review.googlesource.com/c/gerrit/+/387216):
Fixed potential OOM due to SubmitRuleEvaluator creating new metrics whenever an instance was created
* [Change 387214](https://gerrit-review.googlesource.com/c/gerrit/+/387214):
Fixed potential OOM due to DefaultRefFilter creating new metrics whenever an instance was created
* [Change 386976](https://gerrit-review.googlesource.com/c/gerrit/+/386976):
Fixed potential OOM due to \*QueryProcessor classes creating new metrics whenever an instance was provided
* [Issue 300976121](https://issues.gerritcodereview.com/issues/300976121):
Fix NPE when `auth.httpDisplaynameHeader` is configured but header is unset
* [Change 387054](https://gerrit-review.googlesource.com/c/gerrit/+/387054):
Fix `force topic edit` permission to consider change owner rule
* [Change 386994](https://gerrit-review.googlesource.com/c/gerrit/+/386994):
Fixed InactiveAccountDisconnector NPE due to race condition
* [Issue 295457464](https://issues.gerritcodereview.com/issues/295457464):
Fixed SSH query not returning copied approvals on per patchset level
* Documentation Fixes
* [Change 391858](https://gerrit-review.googlesource.com/c/gerrit/+/391858):
Document `ChecksApi.updateResult()` in PolyGerrit plugins checks API
* [Change 391696](https://gerrit-review.googlesource.com/c/gerrit/+/391696):
Document `check-result-expanded` plugin endpoint in PolyGerrit plugins checks API
* [Change 388936](https://gerrit-review.googlesource.com/c/gerrit/+/388936):
Explain in ls-projects SSH API when the "parent" field is "?-N"
* [Change 388530](https://gerrit-review.googlesource.com/c/gerrit/+/388530):
Explain in /projects/ REST API when the "parent" field is "?-N"
* Replication Plugin Updates
* [Change 384754](https://gerrit-review.googlesource.com/c/plugins/replication/+/384754):
Avoid opportunity to inadvertently block the distributor
* [Change 383694](https://gerrit-review.googlesource.com/c/plugins/replication/+/383694):
Reduced log level for Task deletion errors in MP setups
* Dependency Updates
* Update jgit to 82e277c813398c9f519f16e83d080a94fa29a27c
* Native Packaging
* [Issue 311414905](https://issues.gerritcodereview.com/issues/311414905):
Add trailing slash in default `canonicalWebUrl` in Docker containers
### 3.7.5
* New Features
* [Change 385116](https://gerrit-review.googlesource.com/c/gerrit/+/385116):
Support Cloud Spanner for AccountPatchReviewStore
* Bug Fixes
* [Change 385557](https://gerrit-review.googlesource.com/c/gerrit/+/385557):
Remove warning on persisted_projects cache on multi-servers setups
The implementation of the key for persisted_project includes the
project version, therefore it is safe when used in a multi-servers
scenarios (HA, multi-site).
* [Change 380154](https://gerrit-review.googlesource.com/c/gerrit/+/380154):
Documentation: NOTE on use of sshkeys, and \*projects cache on clusters
When using the sshkeys, and \*projects caches on a cluster, warn
the Gerrit admin he should be aware of those caches to be potentially
stale. The problem can be minimised by either disabling them
altogether or setting a low value of refreshAfterWrite.
* [Change 384214](https://gerrit-review.googlesource.com/c/gerrit/+/384214):
Align Jetty session timeout with Gerrit web_sessions maxAge
Do not leave Jetty having sessions kept forever but expire
them with the same timeout of Gerrit sessions.
Verified E2E that the Jetty sessions expires with the same
timeout of the web_sessions maxAge value.
* [Issue 290225204](https://issues.gerritcodereview.com/issues/290225204):
loginUrl and loginText are hardcoded in the UI
Gerrit UI ignored the settings in the auth section of the
configuration [1].
In particular auth.loginUrl [2] should be used if present and
auth.type is set to HTTP or HTTP_LDAP.
Also auth.loginText [3] should be used if auth.loginUrl is set.
This change backports change 381534 to stable-3.6. We didn't cherry-pick because the code changes significantly and had many conflicts.
[1]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth
[2]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth.loginUrl
[3]: https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#auth.loginText
* [Issue 291102119](https://issues.gerritcodereview.com/issues/291102119):
Avoid NullPointerException when deleting multiple tags
To avoid NPE make sure that ref is not read again after checking if
ref exists. This prevent the issue when other call already removed
the tag and we try to read it. Proper behaviour is to try to delete it
and return `Cannot delete refs/tags/...: LOCK_FAILURE` if tag is already
deleted.
* [Issue 289505276](https://issues.gerritcodereview.com/issues/289505276):
Fix for: change can't be submitted if another branch contains exactly the same commit.
* [Change 380694](https://gerrit-review.googlesource.com/c/gerrit/+/380694):
Hide Move Change from UI if change.move is set to false
* [Issue 290641654](https://issues.gerritcodereview.com/issues/290641654):
Fix bug in API '/projects/*/access:review' ignoring 'message' field
Fix API endpoint 'CreateAccessChange' '/projects/*/access:review'
not hounouring 'message' field provided via 'ProjectAccessInput' object despite setting it.
Add condition to check if message is provided then use it instead of default 'Review access change'
* Plugin Updates
* [Change 383360](https://gerrit-review.googlesource.com/c/gerrit/+/383360):
Update webhooks plugin to 1dc0a71883
This includes the following changes:
1dc0a71 Add HTTP response code 'SC_ACCEPTED' (202) as success case in response handler
16110f3 Annotate methods that return a definitely null value with @Nullable
and fixes:
[Issue 40015349](https://issues.gerritcodereview.com/issues/40015349) "plugins/webhooks doesn't accept HTTP 202 response code"
### 3.7.4
* Breaking changes
* [Issue 40015585](https://issues.gerritcodereview.com/issues/40015585):
Enhance metric name sanitize function to remove collision on '_' between metrics.
Collision between the sanitized metric names can be easily
created e.g. `foo_bar` will collide with `foo+bar`. In order
to avoid collisions keep the rules about slashes and replace not
supported chars with `_0x[HEX CODE]_` string. The
replacement prefix `0x` is prepended with another replacement prefix.
* New Features
* [Issue 287484350](https://issues.gerritcodereview.com/issues/287484350):
Extend configurability of index pagination type
Add NONE option to disable index backend pagination, this option
needs to be honoured by the indexing backend and this change introduces
the correct implementation for Lucene.
* Bug Fixes
* [Issue 289321387](https://issues.gerritcodereview.com/issues/289321387):
Preserve refs order in the GitBatchRefUpdateEvent event
[Change 335757](https://gerrit-review.googlesource.com/c/gerrit/+/335757)
introduced the concept of the single event representing batch ref update.
However this new event did not preserve original order of the updated refs.
This impacts event consumers behaviour and can cause failures. For example
if meta ref is processed before patchset ref indexing operation will
fail because of the missing patchset.
The timeline of events is kept in the same order they are generated,
to make sure that refs order is preserved and backward compatibility
is kept.
* [Issue 40015399](https://issues.gerritcodereview.com/issues/40015399):
Removed automatic linkification of URLs that do not start with https?://
* [Issue 288303235](https://issues.gerritcodereview.com/issues/288303235):
Fix search duplicates returned for imported changes upon edits and reindexing
When parsing the change data from ChangeNotes, the in-memory
ChangeData created contains useful information like the serverId
that the change belongs to. The same information isn't there when
reindexing directly from a newly created entity Change which has
no relationship with the underlying change notes.
If the change to reindex is coming from a different server, it
has a specific serverId associated which is needed for producing
the correct virtualId for reindexing, that is the reason why
it is crucial to have the serverId upon reindexing.
Failing to propagate the original serverId for a change would result
in generating duplicates during reindex:
- The original document with the virtualId associated with the serverId
of the change
- A new document with the change number used as id.
Make sure to reindex the same document by propagating the correct
serverId of the change upon reindexing.
Leverage the ability to index either local or imported changes
in the following end-to-end use-cases:
- Editing a change (create, amend or delete)
- Indexing a change via REST-API
- Staleness checker
Amend also the ChangeIndexer.index(Change) JavaDoc by specifying
that it is intended to be used only for local changes and therefore
flag the method as deprecated.
All references to ChangeIndexer.index(Change) are removed from Gerrit,
however there could be plugins using the method which would need amending.
* [Change 377536](https://gerrit-review.googlesource.com/c/gerrit/+/377536):
Clarify that index.cacheQueryResultsByChangeNum must be set to false for imported changes
When importing changes from other Gerrit servers, the
index.cacheQueryResultsByChangeNum must be set to false, otherwise
the search results won't be reliable because of the inability to identify
a change data by change number.
* [Issue 40015248](https://issues.gerritcodereview.com/issues/40015248):
Fix parsing legacy labels for users with comma
This change fixes a bug introduced by change 336883 when parsing labels
where a UUID was present together with a user name containing a comma.
* [Issue 40015614](https://issues.gerritcodereview.com/issues/40015248):
Show correct cherry-picked list for imported changes
* [Issue 40015611](https://issues.gerritcodereview.com/issues/40015611):
Fix parsing of identities for imported accounts
Change I2f017af1cbb introduced the ability to resolve accounts by
imported external identities.
Not every consumer of account identities however were accounting for
imported accounts (i.e. changeNoesCache, AuditLogReader, etc).
The consequence of this is that REST APIs (/accounts/ for example),
were returning the _original_ imported account id rather than the one
associated in the new server.
Because of this, the UI might either show anonymous coward (when the
original user id does not exist in the new server) or an erroneous user
(where the original id maps to a different user on the new server).
Fix this by parsing identities in a way that is aware of imported
accounts.
* [Issue 40015611](https://issues.gerritcodereview.com/issues/40015611):
Fix identity parsing for imported human comments
When parsing human comments, noteDb data was just deserialized without
validating the author identity.
Whilst this is fine for changes that originated in the current Gerrit
instance, this logic breaks when dealing with changes that were imported
from a different server, since the user who made the comment is now
mapped to a different user id.
Parse author identities from comments so that their user id is correctly
mapped to the identity for the current Gerrit server.
* [Issue 40015148](https://issues.gerritcodereview.com/issues/40015148):
Fix ExternalId differential loading when cache is inconsistent
JGit may return a failure to update a repository, even if it actually
succeeded.
This can create an issue when loading externalIds, since
we would retry to insert the same value into the cache twice,
due to the retry performed by the client, leading the cache
loader to consistently blow up.
For example:
Ext-Id1:
* attempt to insert into All-Users: failed on JGit but not on disk [1]
* the key Ext-Id1 is stored in cache
Ext-Id1:
* retry to insert into All-Users, because of JGit failure
* try to add key Ext-Id1 entry BUT it already exists in cache => BOOM
Make differential loading idempotent to avoid failures due to retry to
insert the same entry again.
Make "buildAllExternalIds" package-private for testing visibility.
[1]: https://bugs.eclipse.org/bugs/show_bug.cgi?id=582044
* [Issue 40015093](https://issues.gerritcodereview.com/issues/40015093):
Fix Bazel build on Apple M2 ARM64 chip
According to [1] Bazel fails to select the correct java-tools
binaries for Apple's ARM64 chip and download the generic x86.
Apple the workaround suggested at [1] by disabling the download
of the pre-compiled java_tools, allowing Bazel to build them
locally using the correct architecture.
[1] https://github.com/bazelbuild/bazel/issues/13944
* [Change 371195](https://gerrit-review.googlesource.com/c/gerrit/+/371195):
Update Bazel version to 6.2.0
* [Change 372974](https://gerrit-review.googlesource.com/c/gerrit/+/372974):
Index searches with size greater than maxPageSize are no longer allowed
Queries with a 'start' parameter (for example like [1]) can perform
an index search with size greater than the configured maxPageSize,
i.e. when start + limit exceeds the maxPageSize. Fix such queries
to paginate instead.
[1] gerrit query --start 20000 'status:open limit:5'
### 3.7.3
* New Features
* [Change 364591](https://gerrit-review.googlesource.com/c/gerrit/+/364591)
Allow to hide download schemes from the UI
Allow hiding a download scheme in the UI while still allowing to use it.
* [Change 360221](https://gerrit-review.googlesource.com/c/gerrit/+/360221):
Add metric for memory allocated by all threads
Introduce [proc/jvm/memory/allocated](https://gerrit-review.googlesource.com/Documentation/metrics.html#_process)
which can be used to monitor total memory allocation rate causing work for the Java gc.
* Bug Fixes
* [Change 362914](https://gerrit-review.googlesource.com/c/gerrit/+/362914)
Fix internal server error caused by double flush in BaseCommand.TaskThunk
Ignore `SshChannelClosedException` when flushing the task's output and error
streams. JGit commands like `UploadPack` flush these streams already. When
`TaskThunk` tries to flush them again `SshChannelClosedException` is thrown
and led to an internal server error.
* [Change 364478](https://gerrit-review.googlesource.com/c/gerrit/+/364478):
AndSource: Run `isVisibleToPredicate` based on its cost
The `isVisible` check can be expensive and always running it ahead of other
cheaper predicates can increase the query time. Update `AndSource` to treat
`isVisibleToPredicate` like any other predicate so that it runs based on its
estimated cost.
* [Issue 16819](https://crbug.com/gerrit/16819):
Enable LDAP "Remember me" in login form per default
When users are presented with the LDAP login page, the "Remember me" checkbox
is disabled by default. This might be a problem because, if the user doesn't
explicitly click the checkbox, the session will be tied to the browser
session.
* [Issue 16814](https://crbug.com/gerrit/16814):
Improve `Rebase-SubmitStrategy` performance in some cases
Set uninteresting branches based on project configuration:
`create_new_change_for_all_not_in_target`.
* [Change 369415](https://gerrit-review.googlesource.com/c/gerrit/+/369415):
Fix metric computation with file paths in metric name.
Don't fail metric computation due to duplicated metric names.
* [Change 370354](https://gerrit-review.googlesource.com/c/gerrit/+/370354):
Improved performance of queries when backend index returns more results than needed
Matching changes more than the limit is just extra work that is discarded at
the end when the results are trimmed to match the limit. This can help improve
the performance of queries where a small percentage of changes are filtered
in the initial page and the remaining results are obtained from the next page.
* [Change 357834](https://gerrit-review.googlesource.com/c/gerrit/+/357834):
Improved performance for plugin-provided SSH commands that perform multiple
permission checks or ref lookups for the same project
Move creation of `PerThreadCache` to `SshCommand` so that the cache is available
to most commands, including plugins.
* [Change 361434](https://gerrit-review.googlesource.com/c/gerrit/+/361434):
Mark `LabelType.Builder#setFunction` as deprecated
Align the code with the
[documentation](https://gerrit-documentation.storage.googleapis.com/Documentation/3.6.3/config-labels.html#label_function).
* [Change 370835](https://gerrit-review.googlesource.com/c/gerrit/+/370835):
Enforce minimum Java version to Java 11.0.10 or higher
Since release 3.5 the minimum supported java version was raised to Java 11.
Since [Change 335625](https://gerrit-review.googlesource.com/c/gerrit/+/335625)
the minimum Java version 11.0.10 is required.
* [Issue 16884](https://crbug.com/gerrit/16884):
Fix switching plugin screens.
Backport of [Change 371094](https://gerrit-review.googlesource.com/c/gerrit/+/371094).
* [Issue 16823](https://crbug.com/gerrit/16823):
Fix the search by `inname:` predicate query in the project filter
Fix regression introduced in [Change 337994](https://gerrit-review.googlesource.com/c/gerrit/+/337994),
in context of [Issue 15134](https://crbug.com/gerrit/15134).
* [Change 370334](https://gerrit-review.googlesource.com/c/gerrit/+/370334)
Fix build on MacOS 13.3
Update bazel to 6.1.2 and remote_java_tools to 12.1 to fix build on MacOS 13.3
* Download-commands plugin fixes
* [Issue 15944](hhttps://crbug.com/gerrit/15944):
Update download-commands to latest master
* Dependency Updates
* Update jgit to 5ae8d28faaf6168921f673c89a4e6d601ffad78d.
* [JGit Bug 565854](https://bugs.eclipse.org/bugs/show_bug.cgi?id=565854)
`SshdSession`: close channel gracefully
Close the channel gracefully to give the server a chance to clean up properly on
its side.
* Update bouncycastle to 1.72.
* Update commons-compress to 1.22.
### 3.7.2
* New features
* [Change 362878](https://gerrit-review.googlesource.com/c/gerrit/+/362878)
Allow to hide download schemes from the UI
The new setting that is added is called download.hide.
* Bug Fixes
* [Change 364458](https://gerrit-review.googlesource.com/c/gerrit/+/364458):
Fix an issue when clicking on edit uses an old patchset
* [Issue 16072](https://crbug.com/gerrit/16072):
Fix "showchange" plugin event being triggered twice on patchset change
* [Issue 16589](https://crbug.com/gerrit/16589):
Do not emit a SHOW_CHANGE event without a change
* [Issue 16765](https://crbug.com/gerrit/16765):
Change gr-patch-range-select to use models instead of props
* [Change 362914](https://gerrit-review.googlesource.com/c/gerrit/+/362914)
Fix internal server error caused by double flush in BaseCommand.TaskThunk
* [Change 361434](https://gerrit-review.googlesource.com/c/gerrit/+/361434):
Mark label functions are deprecated
### 3.7.1
* New features
* [Change 351795](https://gerrit-review.googlesource.com/c/gerrit/+/353177):
New auto theme mode.
The theme is automatically changed to light/dark based on your OS preference.
The new auto-theme can be set in users' preferences.
* [Change 351774](https://gerrit-review.googlesource.com/c/gerrit/+/351774):
New copy links in the dropdown next to the change number.
New copy links and keyboard shortcuts or a button is added to the dropdown
next to the change number to quickly copy the format that you prefer for your
snippets.
* [Issue 16565](https://crbug.com/gerrit/16565):
Introduce cache.threads option to allow custom executors for Caffeine caches.
The introduction of `cache.threads` in `gerrit.config` allows to configure
a separate thread pool which can be tuned and decoupled from the
rest of the JVM common threads.
* [Change 353177](https://gerrit-review.googlesource.com/c/gerrit/+/353177):
Add tsconfig-plugins-base.json to Gerrit TypeScript Plugin API.
Adds `tsconfig-plugins-base.json` to the npm package so downstream plugins
can easily use the same set of TypeScript settings.
* [Issue 16445](https://crbug.com/gerrit/16445):
Add slice number to the change indexing task description.
To indicate to the administrator each task is indeed doing something
different, add the slice number if there is more than one slice in
total.
* [Change 356215](https://gerrit-review.googlesource.com/c/gerrit/+/356215):
Support `init --reindex-threads=-1` to skip reindexing after init.
Admins may wish to run other commands after `init` and before `reindex`, but
previously would have needed to observe and interrupt the `init` command
process once it started reindexing in order to do so. Providing an option to
`init` that skips the reindexing phase simplifies that workflow and makes it
less error prone.
* [Change 356234](https://gerrit-review.googlesource.com/c/gerrit/+/356234):
Add CUDA syntax highlighting.
* [Change 352534](https://gerrit-review.googlesource.com/352534):
Introduce `--show-cache-stats` for printing cache stats during `init` and `reindex`,
disabled by default.
* Bug Fixes
* [Change 351674](https://gerrit-review.googlesource.com/c/gerrit/+/351674):
SSH review cmd handles lock failures with retries.
Retrying on lock failures helps mitigating lock failures when there is
contention to lock the notedb ref. Retries were already implemented
in REST API code path at a high enough layer so that it applies for all
REST APIs.
* [Change 353594](https://gerrit-review.googlesource.com/c/gerrit/+/353594):
Inserting new patch-sets is retried on lock failures.
Mitigates failures when creating new patch-sets fails if the notedb
ref is locked for another update on the change.
* [Issue 14686](https://crbug.com/gerrit/14686), [Issue 14779](https://crbug.com/gerrit/14779), [Issue 16030](https://crbug.com/gerrit/16030):
In [Change 293978](https://gerrit-review.googlesource.com/c/gerrit/+/293978), eTag was
removed from GetRevisionActions, but not RevisionResource. This resulted
in the UI to show a stale 'submit' action on the change in the same
submission chain. The UI now uses RevisionResource eTag, that does not include
MergeSuperSet (all related changes).
* [Issue 16409](https://crbug.com/gerrit/16409):
Report pack protocol errors to the client via smart-HTTP.
A regression introduced by [JGit Change 1926771](https://git.eclipse.org/r/c/jgit/jgit/+/192677),
caused pack protocol errors to be reported as 500 Server errors.
Such situations should be reported to the user as a 200 OK containing the
details of the failed operation.
* [Change 351759](https://gerrit-review.googlesource.com/351759):
Fix `contrib/find-duplicate-usernames.sh` output when usernames contain spaces.
* [Issue 16449](https://crbug.com/gerrit/16449):
Fix project root computation in Gitweb servlet.
* [Change 356715](https://gerrit-review.googlesource.com/356715):
Fixed bug with negated label for queries with external groups.
* [Change 359176](https://gerrit-review.googlesource.com/359176):
Fix LabelPredicate group matching for included external groups.
* [Change 357874](https://gerrit-review.googlesource.com/357874):
Fixed ownerin/uploaderin for internal groups that include external groups.
* [Change 355054](https://gerrit-review.googlesource.com/355054):
Wrap #mobileSearch in a div.
Fixes an issue on wikimedia where the search button was hidden
even though the rules executed to make it show.
* [Issue 16433](https://crbug.com/gerrit/16433):
Fix 404 page shown after login using OpenID
* [Change 360134](https://gerrit-review.googlesource.com/360134):
Fix “Old Patchset” being displayed on current edits.
* [Change 359895](https://gerrit-review.googlesource.com/359895):
Fix gr-file-list to use change-model for patchSet.
* [Issue 16475](https://crbug.com/gerrit/16475):
Fix stream events message including comments created as draft.
Fixes a regression in v3.7 where the GUI stores the patchset-level
comments first as drafts and then publishes them.
* [Issue 16465](https://crbug.com/gerrit/16465):
Restores the ChangeNotes.Factory.createChecked with an open Repository object.
* [Issue 16421](https://crbug.com/gerrit/16421):
Don't ship auto-value-* and auto-factory dependencies.
* Dependency Updates
* Update jgit to a1901305b26ed5e0116f138bc02837713d2cf5c3.
Update from stable-6.1 to stable-6.5:
* Notable enhancements and fixes from [6.2.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.2.0) are:
* [4dd9a94e](https://git.eclipse.org/r/c/jgit/jgit/+/192433): Better feedback on SSH authentication failure
* [7b1c8cf14](https://git.eclipse.org/r/c/jgit/jgit/+/191924): Retry reading a file when there are concurrent writes
* [fed1a5493](https://git.eclipse.org/r/c/jgit/jgit/+/197714): Refresh 'objects' dir and retry if a loose object is not found
(Fixes cases where a new loose object is not immediately visible on a NFS
client if it was created on another client)
* [011c26ff3](https://git.eclipse.org/r/c/jgit/jgit/+/193939): Fix connection leak for smart http connections
* [ac127a793](https://git.eclipse.org/r/c/jgit/jgit/+/196849): Do not handle internal git errors as an HTTP error
* Notable enhancements and fixes from [6.3.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.3.0) are:
* [1a364c49e](https://git.eclipse.org/r/c/jgit/jgit/+/194200): JGit blame very slow for large merge commits that rename
files
* [66ace4b9](https://git.eclipse.org/r/c/jgit/jgit/+/193496): Do not check reachability of visible SHA1s in git-upload-pack
* [035e0e23](https://git.eclipse.org/r/c/jgit/jgit/+/194500): Do not prematurely terminate timer in case of error during git-upload-pack
* Notable enhancements and fixes from [6.4.0](https://projects.eclipse.org/projects/technology.jgit/releases/6.4.0) are:
* [fe9aeb02e6](https://git.eclipse.org/r/c/jgit/jgit/+/196497), [93097f0018](https://git.eclipse.org/r/c/jgit/jgit/+/196323): Receive and parse client [git session-id](https://git-scm.com/docs/gitprotocol-capabilities#_session_idsession_id)
* [59029aec3](https://git.eclipse.org/r/c/jgit/jgit/+/196905): Add option to allow using JDK's SHA1 implementation
* [3e7281662](https://git.eclipse.org/r/c/jgit/jgit/+/197151): UploadPackServlet#doPost use try-with-resource to ensure
UploadPack is closed
* [1e04046a6](https://git.eclipse.org/r/c/jgit/jgit/+/194411): Fix crashes on rare combination of file names
(This issue has been seen during offline reindex of changes with specific merge commits)
* Update sshd to 2.9.2
* [CVE-2022-45047](https://nvd.nist.gov/vuln/detail/CVE-2022-45047): Avoid using Java deserialization to load a serialized java.security.PrivateKey
* [SSHD-1302](https://issues.apache.org/jira/browse/SSHD-1302): Reading again from exhausted ChannelExec#getInvertedOut() throws IOException instead of returning -1
* [SSHD-966](https://issues.apache.org/jira/browse/SSHD-966): Deadlock on disconnection at the end of key-exchange
* [SSHD-1231](https://issues.apache.org/jira/browse/SSHD-1231): Public key authentication: wrong signature algorithm used (ed25519 key with ssh-rsa signature)
* [SSHD-1257](https://issues.apache.org/jira/browse/SSHD-1257): Shell is not getting closed if the command has already closed the OutputStream it is using.
* [SSHD-1261](https://issues.apache.org/jira/browse/SSHD-1261): Sometimes async write listener is not called
* [SSHD-1290](https://issues.apache.org/jira/browse/SSHD-1290): Race condition is logged in ChannelAsyncOutputStream
* Update mina-core to 2.0.23
* Update reviewnotes to 10db2cf772989d031c6f3558010c51fe07cf9722
* Documentation fixes
* [Change 353177](https://gerrit-review.googlesource.com/353177):