Google Git
Sign in
gerrit / homepage / master / . / pages / site / releases / 2.15.md
blob: cf782e7ad07457fdaf6c95deb42e7457bf4047d1 [file] [log] [blame] [view]
---
title: "Gerrit 2.15 Release"
permalink: 2.15.html
hide_sidebar: true
hide_navtoggle: true
toc: true
---
Download: **[2.15.22](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.22.war)**
| [2.15.21](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.21.war)
| [2.15.19](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.19.war)
| [2.15.18](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.18.war)
| [2.15.17](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.17.war)
| [2.15.16](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.16.war)
| [2.15.15](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.15.war)
| [2.15.14](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.14.war)
| [2.15.13](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.13.war)
| [2.15.12](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.12.war)
| [2.15.11](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.11.war)
| [2.15.10](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.10.war)
| [2.15.9](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.9.war)
| [2.15.8](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.8.war)
| [2.15.7](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.7.war)
| [2.15.6](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.6.war)
| [2.15.5](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.5.war)
| [2.15.4](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.4.war)
| [2.15.3](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.3.war)
| [2.15.2](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.2.war)
| [2.15.1](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.1.war)
| [2.15](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.war)
Documentation: **[2.15.22](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.22/index.html)**
| [2.15.21](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.21/index.html)
| [2.15.19](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.19/index.html)
| [2.15.18](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.18/index.html)
| [2.15.17](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.17/index.html)
| [2.15.16](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.16/index.html)
| [2.15.15](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.15/index.html)
| [2.15.14](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.14/index.html)
| [2.15.13](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.13/index.html)
| [2.15.12](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.12/index.html)
| [2.15.11](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.11/index.html)
| [2.15.10](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.10/index.html)
| [2.15.9](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.9/index.html)
| [2.15.8](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.8/index.html)
| [2.15.7](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.7/index.html)
| [2.15.6](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.6/index.html)
| [2.15.5](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.5/index.html)
| [2.15.4](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.4/index.html)
| [2.15.3](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.3/index.html)
| [2.15.2](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.2/index.html)
| [2.15.1](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.1/index.html)
| [2.15](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/index.html)
## Release Highlights
* New change workflows for changes not yet ready for full review (formerly
Drafts).
* The new PolyGerrit UI is mature enough for most uses.
* Account data is stored in
[NoteDb](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/config-accounts.html).
* NoteDb migration for change metadata is available for testing. However, it is
not yet recommended for production.
* Made several improvements and additions to the documentation to help users
find the information they need.
## Important Notes
### NoteDb migration
* NoteDb for change metadata is considered reasonably stable, and new sites use
it by default. However, because of
[Issue 10239](https://bugs.chromium.org/p/gerrit/issues/detail?id=10239) it
is recommended for existing sites to stay on ReviewDb and migrate to NoteDb
only after the upgrade to [2.16](../2.16.html).
### Schema Changes
This release contains schema changes. To upgrade:
``` sh
java -jar gerrit.war init -d site_path
```
### Support for draft changes removed
Support for draft changes and draft patch sets has been completely removed.
In most cases, the new Work-In-Progress workflow is a suitable replacement.
Note that in the Draft workflow, an individual patch set can be a Draft.
However, in both the new Work-In-Progress and Private workflows, WIP and Private
apply to the whole change, not an individual patch set.
When upgrading from an earlier version, draft changes are migrated.
This applies to all draft changes, or changes with draft patch sets
(even if the highest patch set is not a draft), as follows:
1. The "Draft" flag is removed from all patch sets.
1. If the change has been merged or abandoned, no further action is taken.
1. Otherwise, the change is moved to one of
* Work-In-Progress change (this is the default)
* Private change
The upgrade process prompts (once) for what Drafts should be migrated to;
either WIP (default) or Private.
The migration means that some draft patch sets, which were previously hidden,
might now be visible to some users who could not previously view them.
Change owners can make them private again using the "Mark Private" option
in the UI, or using the REST API.
### Votes no longer changed retroactively due to permissions
Historically, Gerrit would retroactively change votes on a label when
permissions for the voting user changed. For example, if a user voted
Code-Review+2, but then later lost permission to vote +2 (for example, was
removed from a Maintainers group), all CR+2 votes by that user on open changes
would suddenly appear as CR+1. In 2.15, this retroactive behavior no longer
applies: the CR+2 votes remain CR+2, even if permissions were changed.
This new behavior makes label permissions more consistent with other
permissions: usually, permission changes don't apply retroactively (you can't
un-submit a change), and the permission is only checked at the time an action is
performed. It also fixes some technical issues and improves performance of
reindexing changes.
### Release Signatures
Starting in the 2.14.x bugfix series, all release JARs and documentations are
signed by the [Gerrit
maintainers](public-keys.md). This
policy will continue for all future releases.
### New URL Scheme
By default, all Gerrit URLs generated and used by the UI include not just the
change number but the project name as well.
* `https://gerrit.mycompany.com/1234` becomes
`https://gerrit.mycompany.com/c/some/project/+/1234`
* `https://gerrit.mycompany.com/#/c/1234` becomes
`https://gerrit.mycompany.com/#/c/some/project/+/1234`
* `https://gerrit.mycompany.com/changes/1234` becomes
`https://gerrit.mycompany.com/some%2Fproject~1234`
In addition to providing more context to humans reading the URL, this new
scheme improves performance under NoteDb, and paves the way for load balancing
a multi-master installation with repository affinity.
Old URLs will continue to be supported, and simply redirect to the new URLs.
### NoteDb for Accounts
Almost all account data is now stored in
[NoteDb](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/config-accounts.html).
The account data is migrated automatically during the upgrade process by running
`gerrit.war init`.
The only account data not stored in NoteDb proper are the groups (remain in
ReviewDb) and the reviewed flags which were moved to an external database
(AccountPatchReviewDb) since [2.13](2.13.md).
For Gerrit slaves the
[branches that contain the account data](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/config-accounts.html#replication)
must be replicated.
### NoteDb for Changes
With this release, the new Gerrit storage backend,
[NoteDb](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/note-db.html),
is available for testing the new storage of change metadata. NoteDb is also the
default storage backend for new installations.
Support for ReviewDb will be removed in Gerrit 3.0. Gerrit 3.0 will only
support offline migration; to run an online migration, you must migrate to 2.16.x
on ReviewDb and then migrate to NoteDb.
### Daemon User Setup
The setup documentation now recommends setting up a user named `gerrit` instead
of `gerrit2`. This username can be anything; the choice of name doesn't affect
any functionality. However, some example commands in the documentation may
refer to the new `gerrit` user, so admins might need to tweak them to refer to
`gerrit2` instead.
### Strict validation on labels
In 2.15, posting a review including a vote on any labels that does not exist or is
outside of the permitted range based on the ACLs will now always result in a
failure of the entire operation. Previously, if the "strict labels" option was set
to disabled in the review input, votes to any invalid labels would be silently
ignored. This option has now been removed from the [REST API's ReviewInput](#rest-api)
as well as the [SSH review command](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/cmd-review.html).
CI systems that rely on the non-strict behavior of earlier Gerrit versions may
require additional configuration to avoid casting votes to labels which are
invalid for the change.
Following [feedback on the 2.15 release](https://groups.google.com/forum/?hl=en#!topic/repo-discuss/nMZo3HMgJSY)
a new configuration option `change.strictLabels` was introduced in [2.15.2](#2152)
to allow the new strict functionality to be optionally enabled. By default it is
disabled to maintain backwards compatibility with previous release.
### New limit on number of commits received by direct push
A limit is added on the number of commits Gerrit allows to be pushed
in a batch to a branch when bypassing review. The motivation is to
avoid push timeouts caused by commit validation during pushes containing
an excessive amount of new commits.
The default limit is 10000 and can be configured with the
[receive.maxBatchCommits](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/config-gerrit.html#receive.maxBatchCommits)
setting.
### Java runtime version requirement
Gerrit requires Java Runtime Environment (JRE) version 8; it is not compatible
with JRE 9 or newer yet. For more information, see
[Issue 7843](https://bugs.chromium.org/p/gerrit/issues/detail?id=7843).
### urlAlias unavailable in PolyGerrit
URL rewriting feature introduced in 2.12 via the
[`urlAlias` configuration](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/config-gerrit.html#urlAlias)
is not available in PolyGerrit and is also unavailable in future releases.
See [Issue 8054](https://bugs.chromium.org/p/gerrit/issues/detail?id=8054) for
more details.
## New Features
### PolyGerrit UI
* Implement admin interface (projects, groups and plugins).
* Refreshed UI based on material design.
* Add hashtag support.
* Add support to show uploader on change screen.
* Lots of bug fixes.
### New Workflows
#### Draft, Private, Work-In-Progress
The draft change feature has been removed, and replaced with two separate
features:
* [Private
changes](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/intro-user.html#private-changes)
are visible only to the owner and reviewers.
* [Work-in-progress
changes](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/intro-user.html#wip)
do not generate notifications.
#### Ignore Changes, Mark Reviewed
Changes can be [ignored, or
marked as reviewed](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/intro-user.html#ignore),
to reduce email notifications and keep dashboards cleaner.
#### Explicitly Record Reverted Changes
When a change is reverted via the "Revert" button, this fact is recorded in the
change metadata of the newly-created revert change, not just in the commit
message as in the past. A new search operator `revertof:` allows for searching
for reverts of a given change.
#### Delete Inline Comments
Individual inline comments can be deleted after the fact by site
administrators.
#### CCs Users By Email
Users may be CCed on changes by entering their email address, even if they have
not registered an account on the Gerrit server.
This feature is only available when using NoteDb.
#### Publish Comments on Push
When pushing new patch sets on a change or a series of changes, users can
configure Gerrit to automatically [publish any pending draft
comments](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/intro-user.html#publish-comments-on-push)
they have on those changes, avoiding the need to click through the web UI to
publish all comments.
#### Mark Changes Due to Rebase
When diffing two patch sets of the same change that have different parents,
some differences between the patch sets may be due to the rebase, instead of
changes between the patch set and its base. These differences are now
highlighted in the UI (PolyGerrit only), and are not counted towards the size
of diffs.
#### Improved Push Error Messages
When a push fails because the user does not have the required permission, the generic message
`(prohibited by Gerrit)` has been replaced with a detailed message describing
the exact permissions required.
### Documentation Updates
With this release, we have updated several sections of the documentation to
make it easier for users to find the information they need. These updates
include:
* New [Quickstart guide](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/linux-quickstart.html)
to install Gerrit on Linux
* New [About Gerrit](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/index.html#_about_gerrit)
section that helps to introduce users to Gerrit
* New [Concepts](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/index.html#_concepts)
section to explain Gerrit-specific concepts.
We have also made changes to improve navigation throughout the
documentation.
### REST API
#### Projects
* [ProjectInfo](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-projects.html#project-info)
now contains label configuration information.
#### Changes
* [Mark Private](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#mark-private)
* [Unmark Private](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#unmark-private)
* [Ignore](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#ignore)
* [Unignore](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#unignore)
* [Mark as Reviewed](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#mark-as-reviewed)
* [Mark as Unreviewed](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#mark-as-unreviewed)
* [ChangeInfo](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#change-info)
now records the change that this change was a revert of.
* [Get Pure Revert](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#get-pure-revert)
* [Delete Comment](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#delete-comment)
* [Apply Fix](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#apply-fix)
* [ChangeInfo](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#change-info)
now contains the submitter, for merged changes.
* [ReviewInput](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#review-input)
no longer offers the `strict_labels` option. It will behave as enabled with
earlier versions of Gerrit. The entire operation will now fail if any of the
labels used are not within the user's permitted range based on ACLs or if the
label is not configured for the project/branch.
#### Groups
* [GroupInfo](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-groups.html#group-info)
now contains a `created_on` field.
#### Config
* [Check Consistency](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-config.html#check-consistency)
### API
* New Java API for accessing plugins.
* New Java API for accessing custom project dashboards.
* New `getGroups` method in account API to get a user's group memberships.
* New `ChangeReportFormatter` extension point for customizing the report output
from `git push`.
* Instances of [IdString](https://gerrit.googlesource.com/gerrit/+/stable-2.15/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/restapi/IdString.java)
used to return true when `equals` was given a String instance equal to the
IdString's URL-encoded value. This violates
[symmetry](https://en.wikipedia.org/wiki/Equivalence_relation#Definition), so
this behavior was removed: IdStrings now never compare equal to Strings.
### Replication plugin
* It is now possible to replicate directly to another Gerrit instance.
It is possible to enable replication to different Gerrit instance by using
`gerrit+ssh://` as the protocol name followed by the hostname of another
Gerrit server.
### Hooks plugin
* Username parameters are added to hook invocations.
When an account parameter is passed to a hook, it gets formatted as
`Name (Email)` or just `Name` when the account does not have an email
address. If the account's name is not set, the name is "Anonymous
Coward". From this information it is not easy for a hook to get the
account's username.
All hooks that take an account parameter now automatically also get a
corresponding username parameter. For example if the hooks takes the
parameter `--change-owner Name (Email)` it will automatically also get
the parameter `--change-owner-username username`
## Dependency Updates
* Update Apache Commons Codec to 1.10
* Update Apache Commons Compress to 1.13
* Update Apache Commons Validator to 1.6
* Update Apache Mina SSHD to 1.6.0
* Update AutoValue to 1.4.1 (updated to 1.6.2 in 2.15.4)
* Update Blame Cache to 0.2-5
* Update Bouncy Castle to 1.57 (updated to 1.60 in 2.15.7)
* Update Dropwizard to 3.2.4
* Update GWT to 2.8.1
* Update Jetty to 9.3.18.v20170406 (updated to 9.3.24.v20180605 in 2.15.7)
* Update JGit to 4.9.0.201710071750-r (updated to 4.11.8.201904181247-r in 2.15.15)
* Update Joda-Time to 2.9.9
* Update juniversalchardet to 2.0.0
* Update Lucene to 5.5.4 (updated to 5.5.5 in 2.15.7)
* Update Pegdown to 1.6.0
* Update Polymer to 1.11.0
* Update Soy to 2017-04-23
## Bugfix Releases
### 2.15.22
* Security Fixes
* [Issue 13858](https://bugs.chromium.org/p/gerrit/issues/detail?id=13858)
[CVE-2021-22553](https://nvd.nist.gov/vuln/detail/CVE-2021-22553):
Fixed memory leak in Git-over-HTTP requests.
Unauthenticated users could exploit this problem in a Denial of Service attack,
causing the server to go out-of-memory.
### 2.15.21
* Security Fixes
* [Issue 13621](https://bugs.chromium.org/p/gerrit/issues/detail?id=13621)
[CVE-2020-8919](https://nvd.nist.gov/vuln/detail/CVE-2020-8919):
Make `PermissionBackend#ForRef` authoritative.
Fixes a misconception that leads to data being accessible through Gerrit
APIs that should be locked down.
Gerrit had two components for determining if a Git ref is visible to a
user: `(Default)RefFilter` and `PermissionBackend#ForRef` (e.g.,
`RefControl`). The former was always capable of providing correct results
for all refs. The latter only had logic to decide if a Git ref is visible
according to the Gerrit `READ` permissions. This includes all refs under
`refs/heads` as well as any other ref that isn't a database ref or a Git
tag. This component was unaware of Git tags and notedb-related refs. Hence,
when asked for a database reference such as `refs/changes/xx/yyyyxx/meta`,
the logic would allow access if the user has `READ` permissions on any of
the ref prefixes (such as the default "read refs/* Anonymous Users").
That was problematic, because it bypassed
[documented behavior](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.21/access-control.html)
where a user should only have access to a change if he can see the
destination ref. The same goes for other database references.
* [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514)
[CVE-2020-8920](https://nvd.nist.gov/vuln/detail/CVE-2020-8920):
Work around Gitiles bug on `All-Users` visibility.
Gitiles has a special `FilteredRepository` wrapper that allows carefully
hiding refs based on the project's ACLs. There is however an optimization
that skips the filtering in case a user has `READ` permissions on every ACL
pattern(s). When the target repository is `All-Users`, the optimization
turns into a security issue because it allows seeing all personal information
associated with all accounts, i.e.:
* draft comments
* draft edits
* personally identifiable information (PII) of all users
* external ids
This fix now blocks Gitiles or any other part of Gerrit to abuse this power
when the target repository is `All-Users`, where nobody can be authorized
to skip the ACLs evaluation anyway.
* Documentation Updates
* [Issue 12869](https://bugs.chromium.org/p/gerrit/issues/detail?id=12869):
Add 'Move a Change' section
[to user guide](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.21/intro-user.html#move).
### 2.15.20
This minor release has been withdrawn.
### 2.15.19
* Security Fixes
* [Issue 12717](https://bugs.chromium.org/p/gerrit/issues/detail?id=12717):
Deny access over HTTP for disabled accounts.
A disabled account was still able to access over HTTP until the existing
session expired.
* Bug Fixes
* [Issue 12637](https://bugs.chromium.org/p/gerrit/issues/detail?id=12637):
Fix SQL connection timeout during migration to schema 146 and 154.
A full GC is run at the beginning of the migration, after every 100k
accounts, and at the end of the migration. Additionally, bitmap index
generation is disabled during the migration.
### 2.15.18
* New Features
* Add a method on `ProjectConfig` to read from the repository.
Add a method that allows to read the config from the repository without
having to provide a `MetaDataUpdate` instance.
* Syntax highlighting for Jinja2 and Jenkinsfile formats.
* Replication Plugin Fixes
* [Issue 11573](https://bugs.chromium.org/p/gerrit/issues/detail?id=11573):
Fix dropping events during plugin restart.
* PolyGerrit UI Fixes
* Hide "HTTP Credentials" if auth is not `HTTP` or `HTTP_LDAP`.
* Elasticsearch Updates
* Add support for Elasticsearch 7.4.
* Update elasticsearch-rest-client to 7.4.2.
* Other Fixes
* Fix change message when automatically abandoning a change for a project
that has been deleted.
The change message and the message tag were inverted.
* Fix commit message subject when updating project description by REST API.
The tense of the commit message subject was inconsistent with other similar
messages.
* Fix commit timestamp when updating project configurations.
For some REST API operations that update the project configuration, the
commit that does the update on `refs/meta/config` had the wrong timestamp.
Rather than being the time of the actual commit, it was always the time
of the server startup.
This was the case for the following operations:
- Updating the description.
- Setting the parent project.
- Updating group names while getting access settings.
* Upgrade jackson-core to 2.10.0.
This version includes a fix for [CVE-2019-12384](https://nvd.nist.gov/vuln/detail/CVE-2019-12384).
* Add more detailed debug logging when not sending an outgoing email.
There are several conditions that could cause sending of an outgoing
email to be skipped. These are now logged at debug level.
* Increase severity to error for logging of exceptions during site initialization.
### 2.15.17
* [Issue 11356](https://bugs.chromium.org/p/gerrit/issues/detail?id=11356):
Allow to override auto-detected Lucene index configuration.
The new settings
[`index.name.maxMergeCount`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.17/config-gerrit.html#index.name.maxMergeCount),
[`index.name.maxThreadCount`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.17/config-gerrit.html#index.name.maxThreadCount) and
[`index.name.enableAutoIOThrottle`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.17/config-gerrit.html#index.name.enableAutoIOThrottle)
allow to manually configure the Lucene index, rather than using auto-detected
values, to improve performance.
* [Issue 11358](https://bugs.chromium.org/p/gerrit/issues/detail?id=11358):
Clarify plugin revisions in the documentation.
* Clarify documentation of `sshd.backend`.
* Upgrade JGit to 4.11.9.201909030838-r.
This version includes a fix for racy atomic ref updates.
* Upgrade elasticsearch-rest-client to 7.3.2.
* PolyGerrit UI Fixes:
* Fix HTML in commentLink when canonical web URL includes a base link.
* Add "Delete Changes" permission to the access editor.
* Remove obsolete "Delete Drafts" and "View Drafts" permissions from the access editor.
### 2.15.16
* [Issue 11248](https://bugs.chromium.org/p/gerrit/issues/detail?id=11248):
Fix refresh of project hierarchy cache when parent project is updated.
* [Issue 11204](https://bugs.chromium.org/p/gerrit/issues/detail?id=11204):
Replication plugin: Fix creation of missing repository when replicating to a Gerrit server.
* Fix internal server error when rebasing a change onto a non-existing base change.
* Fix internal server error that occurred sometimes when unstarring a change.
* Fix detecting changes of parent trees when computing change kind for a merge commit.
* Fix internal server error when requesting files for merge commit with invalid parent.
* Add a method on the commit API to get the commit info.
* Add methods on the change API to get comments and draft comments as lists.
* Log all errors when migrating to schema version 130.
* Reduce log spam of "setting reductionLimit" debug messages in the Prolog engine.
* [Issue 9450](https://bugs.chromium.org/p/gerrit/issues/detail?id=9450):
Add a git-review configuration for developers.
For developers used to using the [git-review tool](https://pypi.org/project/git-review/)
for interacting with gerrit servers, it's necessary to have a `.gitreview` file
in the repo in question pointing to where the gerrit is.
* Elasticsearch Updates:
* [Issue 11266](https://bugs.chromium.org/p/gerrit/issues/detail?id=11266):
Add support for Elasticsearch 6.8.
* [Issue 11267](https://bugs.chromium.org/p/gerrit/issues/detail?id=11267):
Add support for Elasticsearch 7.3.
* Update elasticsearch-rest-client to 7.3.1.
* PolyGerrit UI Fixes:
* [Issue 10733](https://bugs.chromium.org/p/gerrit/issues/detail?id=10733):
Fix anchor tag for settings page.
* [Issue 11344](https://bugs.chromium.org/p/gerrit/issues/detail?id=11344):
Fix commentlink URL when canonical URL includes a base link.
* [Issue 10281](https://bugs.chromium.org/p/gerrit/issues/detail?id=10281):
Set XSRF token for `/` to avoid potential unauthenticated errors after redirects from `/login/`.
### 2.15.15
* Add support for Elasticsearch 7.2.
* Upgrade JGit to 4.11.8.201904181247-r.
This version of JGit includes a fix in the resolve merger to handle conflicts
in submodules. See [the upstream issue](https://bugs.eclipse.org/bugs/show_bug.cgi?id=494551)
for details.
* [Issue 11016](https://bugs.chromium.org/p/gerrit/issues/detail?id=11016):
Fix failure to initialize on slave.
* [Issue 10664](https://bugs.chromium.org/p/gerrit/issues/detail?id=10664):
Fix duplicate key detection in MySQL patch review database.
* [Issue 10763](https://bugs.chromium.org/p/gerrit/issues/detail?id=10763):
Fix ACLs to allow regexes for tag and ref permissions.
The documentation states that reference names can also be described with
a regular expression by prefixing the reference name with `^`, but the UI
only showed the creation field when a non-regex name was used.
* [Issue 11106](https://bugs.chromium.org/p/gerrit/issues/detail?id=11106):
Fix missing comment context for left side in email notifications.
* [Issue 11082](https://bugs.chromium.org/p/gerrit/issues/detail?id=11082):
Close changes oldest first when submitting by direct push.
* [Issue 11086](https://bugs.chromium.org/p/gerrit/issues/detail?id=11086):
Unset the WIP flag when a change is closed by direct push.
* [Issue 10499](https://bugs.chromium.org/p/gerrit/issues/detail?id=10499):
Set default number of shards according to Elasticsearch version.
In Elasticsearch version 7.0 the default number of shards was reduced from
5 to 1.
See the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/getting-started-concepts.html#getting-started-shards-and-replicas)
for details.
* [Issue 10823](https://bugs.chromium.org/p/gerrit/issues/detail?id=10823):
Hooks plugin: Allow to configure the number of hook execution workers.
By setting `hooks.executorThreads` the number of workers can be configured.
If not set, it defaults to 1 which was the previously fixed value.
* Increase default number of SSHD threads to at least 4.
The default value of the `sshd.threads` setting is changed to be either two
times the number of available CPU cores, or 4, whichever is greater.
* Allow commit validation listeners to ignore the `skip-validation` push option.
Gerrit allows certain users to skip validation of new commits by passing
the `skip-validation` push option.
A new method `shouldValidateAllCommits` is added on the
`CommitValidationListener`, to allow plugin implemented validators to
override this option and always be invoked for new commits. The new
method has a default implementation that returns `false` meaning that
existing implementations don't need to be modified and will behave the
same as before.
* Optimize commit and ref operation validation for non-ff push.
On a non-ff push all the commits were validated before the ref operation
was validated. On a push with many commits, validating all the commits is
wasteful in the case where the ref operation is rejected. The logic is
changed so that the ref operation validation is performed before the commit
validation.
* Disallow change index task duplication.
It was possible for multiple index tasks to be queued for the same change.
* Fix error message when JRE is not found when starting Gerrit.
The error message recommended to check for a JRE ">= 1.7", but Gerrit requires
Java 8 minimum.
* Adapt `gerrit.sh` script to work on Alpine Linux.
* Expose the `createProject` method of the `CreateProject` class to plugins.
This allows plugins to directly invoke the project creation, avoiding the
checks that are performed when invoking via the `apply` method.
* Expose the jsr305 library in the plugin API.
* Expose Gerrit's GWT client library in the plugin API.
* [Issue 10855](https://bugs.chromium.org/p/gerrit/issues/detail?id=10855):
Fix transitive load of GWT_PLUGIN_DEPS for in-tree plugin builds.
* Make the wording of the "Change Merged" email templates consistent between the
HTML and text versions.
* Replication plugin fixes:
* [Issue 10852](https://bugs.chromium.org/p/gerrit/issues/detail?id=10852):
Make sure to always remove in-flight pushes.
* Cancel pending replications upon shutdown.
* Allow to configure timeout for SSH connections and SSH commands.
The timeouts can be configured with `gerrit.sshConnectionTimeout` and
`gerrit.sshCommandTimeout`, respectively.
* PolyGerrit UI fixes:
* Fix hiding the HTTP password screen.
It was possible for the HTTP password to be un-hidden using CSS.
* Add an extension point to allow adding links to the user header.
* Add an extension point to allow custom site footers.
* [Issue 5791](https://bugs.chromium.org/p/gerrit/issues/detail?id=5791):
Add an extension point to allow setting a site banner.
### 2.15.14
* Allow to disable log file rotation and compression.
On sites where log file rotation and compression is done by an external
service such as [logrotate](http://manpages.ubuntu.com/manpages/zesty/man8/logrotate.8.html),
administrators may wish to disable Gerrit's default log rotation and
compression.
This can now be done by setting `log.rotate` and `log.compress` to `false`.
The default value of both settings is `true`, to maintain consistent behavior
with previous releases.
* Improve performance of migration of accounts to schema 146.
* Migration of the accounts is parallelized. The default number of threads
used is the number of available processors. This can be customized using
the `threadcount` system property.
* Before the migration, `gc --prune=now` is executed.
* When hosted on `FileRepository`, refs are packed after migration of every
1000 accounts.
* A progress indicator counts every 100 accounts migrated.
* [Issue 10790](https://bugs.chromium.org/p/gerrit/issues/detail?id=10790):
Avoid evaluating submit rules twice for open changes.
Prolog submit rules were evaluated twice per page view for an open change,
which caused performance degradation on projects defining complex rules.
* [Issue 10943](https://bugs.chromium.org/p/gerrit/issues/detail?id=10943):
Set `References:` header on new change notification mail.
GMail changed the way
[emails are grouped in conversation view](https://gsuiteupdates.googleblog.com/2019/03/threading-changes-in-gmail-conversation-view.html),
which, combined with the fact that
[Amazon SES changes the `Message-ID` header](https://forums.aws.amazon.com/message.jspa?messageID=262855),
resulted in the new change notification email not being grouped with
subsequent emails related to the same change.
* [Issue 10952](https://bugs.chromium.org/p/gerrit/issues/detail?id=10952):
Fix definition of `PID` in `gerrit.sh`.
* Don't send "GPG keys added" notification when no GPG keys were added.
A GPG key update can include both addition and removal of GPG keys. The
notification email for addition of new keys was always sent, even if the
update only removed keys.
* Update email notifications on changing security related settings.
Email notifications are now sent when a GPG or SSH key is removed, and
when the HTTP password is deleted or changed.
An email notification is now always sent when an SSH key is added to an
account, even when it was added by an administrator.
These notifications allow to alert the user if their account is compromised
and keys or password are altered by the attacker.
* Remove explicit dependency on protobuf_java.
The protobuf_java library is now consumed from rules_closure.
* Add methods to generate and set the HTTP password on the accounts API.
* Elasticsearch fixes
* [Issue 10496](https://bugs.chromium.org/p/gerrit/issues/detail?id=10496) and
[Issue 10844](https://bugs.chromium.org/p/gerrit/issues/detail?id=10884):
Fix usage of `include_type_name` in index creation.
* Add support for Elasticsearch 7.1.
* Upgrade elasticsearch-rest-client to 7.1.1.
* PolyGerrit UI fixes
* [Issue 10549](https://bugs.chromium.org/p/gerrit/issues/detail?id=10549):
Fix single tab indentation in PolyGerrit diff view.
* [Issue 9409](https://bugs.chromium.org/p/gerrit/issues/detail?id=9409):
Fix replacement of file content when navigating between files with `[` and `]`.
* Upgrade polymer-resin to 2.0.1.
* Documentation Updates
* [Issue 10897](https://bugs.chromium.org/p/gerrit/issues/detail?id=10897):
Update links to Google individual and corporate CLA pages.
* Clarify that account must have a username to be able to set HTTP password.
* Fix formatting in project config documentation.
### 2.15.13
* [Issue 10695](https://bugs.chromium.org/p/gerrit/issues/detail?id=10695):
Upgrade JGit to 4.9.10.201904181027-r to fix regression in packfile list
handling.
If `core.trustfolderstat` was set to `false`, an infinite loop could occur
when an object was not found in the packfile.
* Add support for Elasticsearch 6.7.x and 7.0.x.
The elasticsearch-rest-client is upgraded to 7.0.0.
* Add new `SshExecuteCommandInterceptor` extension point.
The new extension point allows plugins to intercept ssh commands
and block their execution.
* Don't abort auto-abandoning if one change failed.
When failing to query a single change during auto-abandoning, the whole
process was aborted. Now the failure is logged and the process continues
to attempt to abandon subsequent changes.
* Install `AddKeyHtml.soy` template example during installation.
The installation of this template into `$site_path/etc/mail` was
omitted.
* Upgrade metrics-core to 4.0.5.
* PolyGerrit fixes:
* [Issue 8644](https://bugs.chromium.org/p/gerrit/issues/detail?id=8644):
Display group UUID for group audit log if group name is missing.
* [Issue 9000](https://bugs.chromium.org/p/gerrit/issues/detail?id=9000):
Fix adding groups created by the singleusergroup plugin.
* Do not show the HTTP credentials screen when auth type is not HTTP.
### 2.15.12
* [Issue 10562](https://bugs.chromium.org/p/gerrit/issues/detail?id=10562):
Upgrade JGit to 4.9.9.201903122025-r to fix corruption of packfile
list due to concurrent access during GC.
See [JGit issue 544199](https://bugs.eclipse.org/bugs/show_bug.cgi?id=544199)
for details.
* [Issue 10531](https://bugs.chromium.org/p/gerrit/issues/detail?id=10531):
Fix LocalUsernamesToLowerCase program.
The program failed with a "guice configuration error".
* [Issue 10564](https://bugs.chromium.org/p/gerrit/issues/detail?id=10564):
Fix case-insensitive searching of hashtags.
The index field has always been stored lowercase, since we intended
hashtag searches to be case-insensitive. However, we never converted the
input string to lower case, with the unexpected result that searching
for `hashtag:ACamelCaseTag` would not return results for changes who
contain that exact hashtag.
The documentation also incorrectly stated that the hashtag search was
an exact match.
* [Issue 10568](https://bugs.chromium.org/p/gerrit/issues/detail?id=10568):
Add `is:submittable` to search suggestions.
* [Issue 10587](https://bugs.chromium.org/p/gerrit/issues/detail?id=10587):
Fix setting group visibility in PolyGerrit.
### 2.15.11
* [Issue 10106](https://bugs.chromium.org/p/gerrit/issues/detail?id=10106):
Fix internal server error when updating project access via REST API
without specifying 'action' entity.
* [Issue 10488](https://bugs.chromium.org/p/gerrit/issues/detail?id=10488):
Fix listing of GPG public keys.
The GPG public keys were truncated in the output of the GPG key REST API
endpoints.
* [Issue 10415](https://bugs.chromium.org/p/gerrit/issues/detail?id=10415):
PolyGerrit UI: Fix replacement of project name placeholder in download command.
* Fix authentication for LFS over SSH.
* Add logging of prolog rule reduction limits.
The configured values of `rules.reductionLimit` and `rules.compileLimit`
are logged at INFO level at server startup, and the effective value applied
to a predicate is logged at DEBUG level.
* Improve error message when JRE cannot be found during site start.
* Upgrade elasticsearch-rest-client to 6.6.1.
### 2.15.10
* [Issue 10452](https://bugs.chromium.org/p/gerrit/issues/detail?id=10452):
Fix daemon startup in slave mode.
* [Issue 10428](https://bugs.chromium.org/p/gerrit/issues/detail?id=10428):
Fix binding of AuditListeners for plugin tests.
* Improve error messages emitted from commit validators.
* Add a method to get revision votes on the revision API.
* Add support for Elasticsearch 6.6.
* PolyGerrit fixes
* Add warning that Javascript is required to use PolyGerrit.
* [Issue 8740](https://bugs.chromium.org/p/gerrit/issues/detail?id=8740):
Disable deps.js requests in the index template to fix page load delay.
### 2.15.9
* [Issue 10326](https://bugs.chromium.org/p/gerrit/issues/detail?id=10326):
Fix excessive heap and CPU usage when listing projects.
* [Issue 10021](https://bugs.chromium.org/p/gerrit/issues/detail?id=10021):
Encode and quote project name in download commands.
* [Issue 10317](https://bugs.chromium.org/p/gerrit/issues/detail?id=10317):
Don't show "Same Topic" for only one change.
When there is only one change in the topic, it doesn't add any value
to show the "Same Topic" tab/section because it will always only include
the currently viewed change.
The query used to get the changes is modified to exclude the current
change. This means that the "Same Topic" tab/section now only shows other
changes in the same topic, but never the current change.
* Create the `.git/hooks` folder in download commands.
* Add method to get related changes in the Changes API.
* Add method to get edit details in the Change Edit API.
The new method allows to set the base revision, and request to include the
files and download commands.
* Add method to set a file's "reviewed" flag on the File API.
* Fix internal server error when getting commit info for root commit.
* Add `--skip-project` option to the `MigrateToNoteDb` command.
This is useful when only a few projects should be skipped but all others
should be migrated.
* PolyGerrit fixes
* [Issue 7669](https://bugs.chromium.org/p/gerrit/issues/detail?id=7669),
[Issue 9614](https://bugs.chromium.org/p/gerrit/issues/detail?id=9614):
Fix '/' getting typed in the search bar when pressed.
* [Issue 10151](https://bugs.chromium.org/p/gerrit/issues/detail?id=10151):
Fix support for deleting branches.
* [Issue 10019](https://bugs.chromium.org/p/gerrit/issues/detail?id=10019):
Fix deletion of branch that `HEAD` pointed to after `HEAD` was moved to a
different branch.
### 2.15.8
* [Issue 10262](https://bugs.chromium.org/p/gerrit/issues/detail?id=10262):
Upgrade JGit to 4.9.8.201812241815-r to fix validation of `wants` in
`git-upload-pack` for protocol v0 stateless transports.
AdvertiseRefsHook was not called for `git-upload-pack` in protocol v0
stateless transports, meaning that `wants` were not validated and
a user could fetch anything that is pointed to by any ref (using fetch-by-sha1),
as long as they could guess the object name.
* [Issue 10242](https://bugs.chromium.org/p/gerrit/issues/detail?id=10242):
Fix regression that allows a user's account to be taken over when multiple
authentication providers are in use.
A regression introduced in 2.14.7 allowed a user's account to be taken
over by creating an account on a different provider with exactly the same
username as the existing Gerrit account.
* [Issue 10082](https://bugs.chromium.org/p/gerrit/issues/detail?id=10082):
Decouple online reindex activation from index module.
Plugins were not loaded before online indexing was triggered, resulting
in plugin-contributed submit rules not being evaluated during indexing.
Online reindex activation is now decoupled from the index module and
thus postpones the triggering of online reindexing until after loading
of the plugins.
* [Issue 9024](https://bugs.chromium.org/p/gerrit/issues/detail?id=9024):
Fix setting `PRIVATE` and `WIP` for updated changes in console report.
In some cases the private and work-in-progress status indicator for
changes updated by push was shown incorrectly.
* [Issue 10038](https://bugs.chromium.org/p/gerrit/issues/detail?id=10038):
Add support for Elasticsearch 6.5.
* [Issue 9768](https://bugs.chromium.org/p/gerrit/issues/detail?id=9768):
Explicitly set the number of shards and replicas for Elasticsearch, and
allow them to be configured.
From Elasticsearch version 7 the default number of shards per node
will be changed from 5 to 1.
The number of shards and number of replicas are now explicitly set when
creating the index.
The new settings `elasticsearch.numberOfShards` and `elasticsearch.numberOfReplicas`
allow the values to be configured. The default values are 5 and 1,
respectively, which is the same as the default values used by Elasticsearch
prior to version 7.
* Fix incorrect json in the example for the 'Set Access' REST endpoint.
* [Issue 10263](https://bugs.chromium.org/p/gerrit/issues/detail?id=10263):
Include edit ref in `EditInfo` element returned by the edit API.
It was not possible for users of the Java API to get the edit ref.
* Upgrade elasticsearch-rest-client to 6.5.4.
* Discontinue support for Elasticsearch 2.4.
* Add preliminary support for Elasticsearch 7.
Support for Elasticsearch 7 is added, and tested against the `alpha1`
release.
* [Issue 10112](https://bugs.chromium.org/p/gerrit/issues/detail?id=10112):
Upgrade rules_closure to make Gerrit buildable with the latest Bazel version.
* [Issue 9781](https://bugs.chromium.org/p/gerrit/issues/detail?id=9781):
Allow to disable the groups relevance filtering for LDAP.
* Upgrade jackson-core to 2.9.8.
[Version 2.9.8](https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8)
includes several bug fixes, including security fixes.
* Add a new method on the account API to set the account name.
* Add new methods on the project API to get/set the project's `HEAD`.
* Add a new method on the commit API to get "included in" information.
### 2.15.7
* [Issue 9952](https://bugs.chromium.org/p/gerrit/issues/detail?id=9952):
Upgrade dependencies to newer versions to fix CVEs.
* [CVE-2015-1832](https://nvd.nist.gov/vuln/detail/CVE-2015-1832):
Upgrade Apache Derby to 10.12.1.1
* [CVE-2018-10936](https://nvd.nist.gov/vuln/detail/CVE-2018-10936):
Upgrade postgresql to 42.2.5
* [CVE-2017-12629](https://nvd.nist.gov/vuln/detail/CVE-2017-12629):
Upgrade Lucene to 5.5.5
* [CVE-2018-10237](https://nvd.nist.gov/vuln/detail/CVE-2018-10237):
Upgrade guava to 24.1.1-jre
* [CVE-2018-1000180](https://nvd.nist.gov/vuln/detail/CVE-2018-1000180),
[CVE-2018-1000613](https://nvd.nist.gov/vuln/detail/CVE-2018-1000613):
Upgrade Bouncycastle to 1.60
* [CVE-2017-7656](https://nvd.nist.gov/vuln/detail/CVE-2017-7656),
[CVE-2017-7657](https://nvd.nist.gov/vuln/detail/CVE-2017-7657),
[CVE-2017-7658](https://nvd.nist.gov/vuln/detail/CVE-2017-7658),
[CVE-2017-9735](https://nvd.nist.gov/vuln/detail/CVE-2017-9735),
[CVE-2018-12536](https://nvd.nist.gov/vuln/detail/CVE-2018-12536):
Upgrade Jetty to 9.3.24.v20180605
* [Issue 9969](https://bugs.chromium.org/p/gerrit/issues/detail?id=9969):
Fix incorrect dependency on httpcore-nio for Elasticsearch.
The Elasticsearch REST client depends on version 4.4.5 of httpcore-nio,
but the version provided by Gerrit was 4.4.1.
* Remove dependency on httpmime.
httpmime was a dependency of Apache Solr, which was removed from Gerrit
some time ago.
* Upgrade Elasticsearch REST client to 6.4.3.
* Fix logic for updating display name on authentication.
The display name was only being updated in the case when the authentication
realm did not allow updates.
* [Issue 9982](https://bugs.chromium.org/p/gerrit/issues/detail?id=9982):
Trigger audit for git over HTTP commands.
`git-receive-pack` and `git-upload-pack` commands were only audited for
git over SSH.
* [Issue 9974](https://bugs.chromium.org/p/gerrit/issues/detail?id=9974):
Fix redirection to documentation index page.
* [Issue 7306](https://bugs.chromium.org/p/gerrit/issues/detail?id=7306) and
[Issue 9321](https://bugs.chromium.org/p/gerrit/issues/detail?id=9321):
Fix URL routing.
### 2.15.6
* [Issue 9836](https://bugs.chromium.org/p/gerrit/issues/detail?id=9836):
Fix database connections leaks.
The fix for [issue 9823](https://bugs.chromium.org/p/gerrit/issues/detail?id=9823)
in 2.15.5 introduced a database connection leak.
* Update JGit to 4.9.7.201810191756-r.
* Fixes a file handle leak in the LFS file server. Note: this fix requires the
LFS plugin to be updated.
* Allows the path or url to be absent in the validation of `.gitmodules` files.
* Fixes malformed Javadoc.
* [Issue 9419](https://bugs.chromium.org/p/gerrit/issues/detail?id=9419):
Allow users to remove themselves as reviewer from an abandoned change.
* [Issue 9880](https://bugs.chromium.org/p/gerrit/issues/detail?id=9880):
Fix notifications when a WIP change is reviewed using the `review` ssh command.
Instead of only the owner being notified, all reviewers were notified.
* Mark cherry-pick change as WIP if source change is WIP.
If a work-in-progress change is cherry-picked to another branch the
created cherry-pick change should be marked as work-in-progress too.
### 2.15.5
* Update JGit to 4.9.6.201810051924-r to fix
[CVE-2018-17456](https://nvd.nist.gov/vuln/detail/CVE-2018-17456).
This release of JGit implements validation of `.gitmodules` files to protect
unguarded tools against CVE-2018-17456.
* [Issue 9823](https://bugs.chromium.org/p/gerrit/issues/detail?id=9823):
Fix force push permission check for administrators and project owners over SSH.
It was possible for an administrator or project owner to force push to
a project over SSH without having the Force Push permission.
This issue did not affect regular users, or pushes over HTTP.
* Update jackson-core to 2.9.7.
There have been several releases since 2.6.6 including many bug fixes
and security fixes.
* Update elasticsearch-rest-client to 6.4.2.
* [Issue 9705](https://bugs.chromium.org/p/gerrit/issues/detail?id=9705):
Fix blank dropdown for 'Only serve as parent for other repositories' option
when creating a new repository.
* [Issue 9610](https://bugs.chromium.org/p/gerrit/issues/detail?id=9610):
Add support for showing the 'effective' value of the max object size limit
setting.
* [Issue 9787](https://bugs.chromium.org/p/gerrit/issues/detail?id=9787):
Fix permission check for toggling WIP flag when posting review.
* [Issue 9655](https://bugs.chromium.org/p/gerrit/issues/detail?id=9655):
Fix support for setting owner of group to a single user.
### 2.15.4
* [Issue 7053](https://bugs.chromium.org/p/gerrit/issues/detail?id=7053):
Modify search autocompletion to include only email.
* [Issue 8859](https://bugs.chromium.org/p/gerrit/issues/detail?id=8859):
Skip plugin capability check for administrators.
* [Issue 7896](https://bugs.chromium.org/p/gerrit/issues/detail?id=7896) and
[Issue 9674](https://bugs.chromium.org/p/gerrit/issues/detail?id=9674):
Fix compatibility with MS Edge.
* [Issue 9642](https://bugs.chromium.org/p/gerrit/issues/detail?id=9642):
Fix rendering of 'Ready' and 'Start Review' buttons.
* [Issue 8472](https://bugs.chromium.org/p/gerrit/issues/detail?id=8472):
Count unresolved message threads within thread groups rather than by leaves.
* [Issue 7911](https://bugs.chromium.org/p/gerrit/issues/detail?id=7911)
and [Issue 9506](https://bugs.chromium.org/p/gerrit/issues/detail?id=9506):
Fix text overflow.
* [Issue 8202](https://bugs.chromium.org/p/gerrit/issues/detail?id=8202):
Add current patch set to `wip-state-changed` and `private-state-changed`
events.
* [Issue 9483](https://bugs.chromium.org/p/gerrit/issues/detail?id=9483):
Perform fonts preloads in "anonymous" cross-origin mode.
* [Issue 8582](https://bugs.chromium.org/p/gerrit/issues/detail?id=8582):
Turn off autoReindexIfStale by default.
* [Issue 7750](https://bugs.chromium.org/p/gerrit/issues/detail?id=7750):
Fix enforcing of signed push when 'Require signed push' is enabled.
* Remove unused font files.
* [Issue 9670](https://bugs.chromium.org/p/gerrit/issues/detail?id=9670):
Add support for Elasticsearch 6.4.0.
* [Issue 9711](https://bugs.chromium.org/p/gerrit/issues/detail?id=9711):
Add a change deleted event.
Since 2.14 it is possible to delete changes, however there was no specific
event emitted. A new change deleted event is added, which is notified to
`stream-events` clients. The hooks plugin is updated to support a `change-deleted`
hook.
* [Issue 9689](https://bugs.chromium.org/p/gerrit/issues/detail?id=9689):
Fix visibility of tag creation form on the project screen (GWT).
The tag creation form was shown when the user had "Create Reference" permission
on `refs/*` or `refs/heads/*` (but not `refs/tags/*`).
* [Issue 9528](https://bugs.chromium.org/p/gerrit/issues/detail?id=9528):
Allow project-level
[`receive.maxObjectSizeLimit`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.4/config-project-config.html#receive.maxObjectSizeLimit)
to be inherited from parent project.
It is possible to set the limit per project in the `project.config` on
`refs/meta/config`, and at global level in `$site/etc/gerrit.config`. The
project setting may override the global setting if it is lower. Changing
the global setting requires a server restart.
A limitation of this implementation is that we cannot set the limit at a
project level and have it inherited to its child projects; it is necessary
to explicitly set the limit on each child project.
A new global option
[`receive.inheritProjectMaxObjectSizeLimit`](http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.4/config-gerrit.html#receive.inheritProjectMaxObjectSizeLimit)
is added, and when this is enabled the project-level setting is inherited
from the parent. This new setting is disabled by default to keep backwards
compatibility with the original behavior.
* Allow more email RFC characters in the username.
It was possible to set a username with an email-address-like string, but
only as far as the fact that the `@` character was allowed. Most of the
other characters allowed by [the RFC](https://www.mailboxvalidator.com/resources/articles/acceptable-email-address-syntax-rfc/)
were not allowed.
* Ensure user authentication in `AllRequestFilter` filters.
The order of filters made request authentication only work when the HTTP
request was issued from the Gerrit UI, but not work when REST API was used.
* commit-message-length-validation plugin: Use "warning" prefix to allow
colorization of remote output.
From version 2.19 of git, the "warning" keyword will be highlighted
in the remote output when `color.remote` is enabled in the git config.
* Fix display of "Delete Changes" permission in access screen on GWT UI.
* Fix permission check when deleting a single branch with the "Delete Branches"
REST endpoint.
* Include cause in exception when failing to save config in the "Set Config"
REST endpoint.
* [Issue 9482](https://bugs.chromium.org/p/gerrit/issues/detail?id=9482):
Fix staleness checker for URL-encoded project names.
* Validate connections when sending a request to the database.
In some cases it was possible to attempt to reuse an already closed
connection, which resulted in an internal server exception.
* [Issue 9586](https://bugs.chromium.org/p/gerrit/issues/detail?id=9586) Reload
change page to land on the latest patch set after change submission in
PolyGerrit.
* Upgrade JGit to 4.9.5.201809180939-r.
* [Issue 9153](https://bugs.chromium.org/p/gerrit/issues/detail?id=9153):
Fix querying for filenames with special characters.
* [Issue 9667](https://bugs.chromium.org/p/gerrit/issues/detail?id=9667):
Fix handling of output stream in LFS server.
* Fix errors during cleanup after deleting refs.
* Fix errors during cleanup after running garbage collection.
* Fix atomic lock file creation on NFS.
* [Honor trustFolderStats also when reading packed-refs](https://git.eclipse.org/r/#/c/112015/).
Users should note that for repositories with a high number of references
(for example in excess of 300K refs) and in a server with high traffic,
this solution may not scale well and should be tested carefully.
* Upgrade guice to 4.2.0.
Guice [version 4.2.0](https://github.com/google/guice/wiki/Guice42)
includes performance improvements.
* Upgrade elasticsearch-rest-client to 6.4.1.
* Upgrade Dropwizard Metrics to 4.0.3.
* Upgrade auto-value to 1.6.2.
* Upgrade PostgreSQL connector to 42.2.4.
* Upgrade MariaDB connector to 2.3.0.
### 2.15.3
* [Issue 8915](https://bugs.chromium.org/p/gerrit/issues/detail?id=8915):
Fix file handle leak when running GC.
Upgrade JGit to 4.9.2.201712150930-r.15-g5fe8e31d4 which includes a
[fix](https://git.eclipse.org/r/124285) to prevent the file handle
leak.
* [Issue 8866](https://bugs.chromium.org/p/gerrit/issues/detail?id=8866):
Add project and account settings to create new changes as WIP by default.
* [Issue 6094](https://bugs.chromium.org/p/gerrit/issues/detail?id=6094)
and [Issue 9112](https://bugs.chromium.org/p/gerrit/issues/detail?id=9112):
Add support for Elasticsearch versions 5 and 6.
Support is added for Elasticsearch versions 5.6 (tested with versions 5.6.9
and 5.6.10), 6.2 (tested with version 6.2.4) and 6.3.1.
Version 2.4 is still supported (tested with version 2.4.6).
Instead of using the 'Jest' client to communicate with Elasticsearch, the
Elasticsearch low level API is now used.
Support for Elasticsearch is still considered experimental, and is not
recommended for production use.
* [Issue 9372](https://bugs.chromium.org/p/gerrit/issues/detail?id=9372):
Simplify the configuration of Elasticsearch servers.
Instead of specifying each server in a separate `[elasticsearch "name"]`
section, with separate values `protocol`, `hostname`, and `port`, the
servers are now configured as a list of `server` values in the
`[elasticsearch]` section.
This also fixes [Issue 9383](https://bugs.chromium.org/p/gerrit/issues/detail?id=9383)
where a "default" server `http://localhost:9200` would be added by
the site initialization even if other servers were already explicitly
configured.
During startup the list of configured Elasticsearch servers is logged
at info level.
* [Issue 9146](https://bugs.chromium.org/p/gerrit/issues/detail?id=9146) and
[Issue 9147](https://bugs.chromium.org/p/gerrit/issues/detail?id=9147):
Fix Elasticsearch queries for results with substrings in keywords.
Doing a query that involved the characters "." and "_" from full text fields
did not include results with keywords as a substring. This behavior was
different from Lucene, where these two characters are mapped to the space
character (" ") so that the query returns keywords separated by them.
* Allow to omit the `elasticsearch.username` setting.
If `elasticsearch.password` is specified, the `username` can be omitted and
it will default to `elastic` which is the default username configured
when running Elasticsearch with security enabled.
* Allow to assign "Delete Own Changes" permission to "Change Owners".
It was only possible for a user to delete their own change if they were
a member of a group that was assigned the "Delete Own Changes" permission.
This was counter-intuitive as it was necessary to either create a specific
group, or assign the permission to "Registered Users".
It is now possible to assign this permission to the "Change Owners"
virtual group.
* [Issue 9354](https://bugs.chromium.org/p/gerrit/issues/detail?id=9354):
Add "Delete Changes" permission.
It was only possible for a user to delete another user's change if they
were a member of a group that was assigned the "Administrate Server"
permission.
A new "Delete Changes" permission is added. This permission can be
assigned to a group, or to the "Project Owners" virtual group.
* [Issue 9345](https://bugs.chromium.org/p/gerrit/issues/detail?id=9345):
Fix creation of plugin log file when `log4j.configuration` is set
When the environment variable `log4j.configuration` is set, log files
defined by plugins were not created because the appender couldn't be
found.
* Fix repeated `Change-Id` in error message when `Change-Id` line is not
in the footer.
* [Issue 9245](https://bugs.chromium.org/p/gerrit/issues/detail?id=9245):
Return the correct information in JSON response after moving a change.
When moving a change by the REST API, the JSON response contained the
branch name of the original destination rather than the new destination.
* Fix internal error when moving a change to a branch that does not have a label.
If a change had a score on a label that was only configured on the
original branch, moving to a destination branch that did not have the
label caused an internal error.
* Fix internal error when moving a change without specifying the destination.
Omitting the destination branch in the input caused an internal error.
* Fix internal error when deleting a comment without providing input.
The input is optional on the [Delete Comment](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15/rest-api-changes.html#delete-comment)
REST endpoint, but calling it without input resulted in an internal error.
* Fix internal error when rebuilding Note DB and a change is missing from Review DB.
* Fix omission of 'branch' values when saving project config.
The 'branch' values were omitted when saving the config, resulting in them
being lost.
* [Issue 9195](https://bugs.chromium.org/p/gerrit/issues/detail?id=9195):
Strip comment lines out of commit message when creating change.
When a change was created from the UI (or via the 'Create Change' REST
API), and the commit message consisted of only a subject beginning with
a hash character (`#`), the change was created with a zero Change-Id.
This was because lines beginning with `#` are considered to be comments,
and are stripped from the commit message by JGit before computing the
Change-Id for the commit.
Before attempting to create the change, Gerrit now strips out any comment
lines from the commit message and returns an error if this results in
the commit message being empty.
* [Issue 9389](https://bugs.chromium.org/p/gerrit/issues/detail?id=9389):
Fix support for syntax highlighting of Clojure source files in the PolyGerrit UI.
* [Issue 5316](https://bugs.chromium.org/p/gerrit/issues/detail?id=5316):
Fix incorrect relative URL paths in Gitiles links in the PolyGerrit UI.
* Fix internal server error when generating email sender name for
non-existing account.
* Add `--generate-http-password` option to the ssh `set-account` command.
To bring the ssh command more in-line with the REST API for a user, it
is now possible to generate a new HTTP password.
This allows ordinary users to generate a new HTTP password via ssh when
they cannot log in to the web UI (e.g. due to being a service account).
Access to the `set-account` command is also relaxed; normal users may
use it to set a new password on their own account.
* Sanitize values of `user.name` and `user.email` from `gerrit.config`.
The `user.name` and `user.email` settings were being read as-is, which
would allow them to be configured with values that may interfere with
standard email name/address parsing.
* Fix the default text in the 'Password' field on the 'HTTP Password' screen
in the GWT UI.
The default text said "(click 'generate' to revoke an old password)" but the
label of the button is actually "Generate Password".
* Add reporting of work queue related metrics.
Metrics are reported for core work queues. For work queues created by plugins,
metrics are not reported.
### 2.15.2
* [Issue 8861](https://bugs.chromium.org/p/gerrit/issues/detail?id=8861):
Fix generation of change numbers to prevent duplicates.
When migration to NoteDb was aborted, and then started again later,
generated change numbers overlapped with change numbers created in
ReviewDb in the meantime.
* [Issue 8931](https://bugs.chromium.org/p/gerrit/issues/detail?id=8931):
Pass the project name to 'change indexed' event listeners.
When NoteDb is enabled, the change information is stored in the project's
git repository. Without the project name, plugins were not able to retrieve
the change information.
* [Issue 8742](https://bugs.chromium.org/p/gerrit/issues/detail?id=8742):
Fix infinite loop in intraline diff loader.
A regression introduced in 2.15.1 caused excessive CPU usage when loading
intraline diffs.
* [Issue 8697](https://bugs.chromium.org/p/gerrit/issues/detail?id=8697):
Restore the ability to ignore invalid review labels.
In 2.15 the `strict_labels` attribute was removed from the review input
entity, and Gerrit no longer silently ignores invalid label scores. This
caused breakage in CI systems that submit reviews post-merge and don't
have different configurations for if the change is already merged or not.
For example the Gerrit Trigger Plugin was broken, as
[discussed on the Gerrit mailing list](https://groups.google.com/forum/?hl=en#!topic/repo-discuss/nMZo3HMgJSY).
A new configuration [`change.strictLabels`](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.2/config-gerrit.html#change.strict_labels)
is introduced. When enabled, Gerrit will reject invalid labels, otherwise
will silently ignore them. By default it is disabled, for backwards
compatibility with previous releases.
* [Issue 8728](https://bugs.chromium.org/p/gerrit/issues/detail?id=8728):
Allow percent encoding in patch set titles.
* [Issue 8850](https://bugs.chromium.org/p/gerrit/issues/detail?id=8850):
Fix `reviewerin:` search results when user is added as CC.
The `reviewerin:` search should only return users that were added as a
reviewer, but was also including users that were added as CC.
* [Issue 8817](https://bugs.chromium.org/p/gerrit/issues/detail?id=8817):
Fix internal server error when listing projects and a repository is not available.
The new permission backend was throwing an error when a repository could
not be found. Now it is simply omitted from the project list.
* [Issue 8643](https://bugs.chromium.org/p/gerrit/issues/detail?id=8643):
Properly display the status of "Work in Progress" changes.
When a change was submittable (i.e. had all the necessary labels) but
was still in the "Work in Progress" state, its status was displayed as
"Merge Conflict" in the change list and the change screen in the GWT UI.
* [Issue 8936](https://bugs.chromium.org/p/gerrit/issues/detail?id=8936):
Add missing 'Hashtags' label on the change screen in the GWT UI.
* [Issue 8916](https://bugs.chromium.org/p/gerrit/issues/detail?id=8916):
Allow ownerin predicate to be evaluated by the index.
* Fix double creation of SSH command execution queues.
* Fix timestamp for submodule updates.
When a submodule was updated by subscription, the same commit timestamp
was always used due to the server identity being cached.
* Allow to include username in servlet response header.
By setting `http.addUserAsResponseHeader`, the servlet response includes
a 'User' header that contains the name of the logged in user, enabling
reverse proxies to log the name of the user that issued the http request.
* Fix user permission checks in APIs when invoked via the GerritApi.
Actions were incorrectly being denied because the user validation
was comparing user object instances rather than the account ID that
they represented.
* Allow to replace the default H2 persistent cache with a custom implementation.
The default H2 persistent cache can be replaced by a module that implements
the `CacheImpl` interface.
An implementation is provided for postgresql.
* Various logging improvements.
* Hooks plugin
* [Issue 9015](https://bugs.chromium.org/p/gerrit/issues/detail?id=9015):
Add a `submit` hook
The `submit` hook is invoked synchronously when a change is submitted. If
it returns a non-zero exit status, a `MergeValidationException` is thrown
and the submit is prevented.
This adds back the ability to block submit by a hook which was removed in
version 2.14 due to the reworking of the `ref-update` hook behavior.
* Fix repeated instantiation of the `ref-update` and `commit-received` hooks.
The hooks were not singletons, which caused new instances to be created
on every invocation.
* Wrap account ID in quotes when passing as hook argument.
* Improve logging to make it easier to track down hook execution problems.
When a hook exits with an error status (i.e. non-zero), or times out, an error
is now emitted to the log. Previously there was no log on timeout, and the exit
status was only logged at debug level.
The configured hooks path and resolved path for hook files is logged at info
level.
When a hook file does not exist, a message is logged at debug level.
* Improve documentation
* Expand and improve documentation related to debugging hooks.
* Restructure the hooks page to separate synchronous and asynchronous hooks, and
add a table of contents.
* PolyGerrit fixes:
* [Issue 8655](https://bugs.chromium.org/p/gerrit/issues/detail?id=8655):
Clear suggestions on autocomplete input change.
* [Issue 8237](https://bugs.chromium.org/p/gerrit/issues/detail?id=8237):
Link account chips to owner search rather than user dashboard.
* [Issue 8375](https://bugs.chromium.org/p/gerrit/issues/detail?id=8375):
Add reset button to my menu in settings.
* [Issue 7815](https://bugs.chromium.org/p/gerrit/issues/detail?id=7815):
Don't curse over files with up/down keys.
* [Issue 8722](https://bugs.chromium.org/p/gerrit/issues/detail?id=8722):
Limit assignee suggestion to users that can see the change.
This was fixed for the GWT UI in [2.15.1](#2.15.1).
* [Issue 8940](https://bugs.chromium.org/p/gerrit/issues/detail?id=8940):
Fix loading change edit on change screen.
* [Issue 4552](https://bugs.chromium.org/p/gerrit/issues/detail?id=4552):
Allow some sections of the change list to overflow
* Add a link to group page in groups section of settings.
* Make sure plugins are not double counted.
* Elasticsearch fixes
* [Issue 8523](https://bugs.chromium.org/p/gerrit/issues/detail?id=8523):
Fix configuration of elasticsearch during site initialization.
When the site was initialized with Elasticsearch as the secondary index,
the `elasticsearch.prefix` was not set, and Elasticsearch server-specific
settings were not correctly set under `elasticsearch.name.protocol`, etc.
* [Issue 8527](https://bugs.chromium.org/p/gerrit/issues/detail?id=8527):
Improve documentation of `index.maxLimit` for Elasticsearch.
When using Elasticsearch, `index.maxLimit` should not exceed the value
of `index.max_result_window` configured on the Elasticsearch server.
* [Issue 8553](https://bugs.chromium.org/p/gerrit/issues/detail?id=8553):
Fix reindexing of an already initialized site with Elasticsearch.
* [Issue 8690](https://bugs.chromium.org/p/gerrit/issues/detail?id=8690):
Allow to use the `index start` and `index activate` ssh commands with Elasticsearch.
* [Issue 8525](https://bugs.chromium.org/p/gerrit/issues/detail?id=8525):
Fix setting of changed lines in the change info.
* [Issue 8588](https://bugs.chromium.org/p/gerrit/issues/detail?id=8588):
Fix setting the star icon status in the change info.
* [Issue 8806](https://bugs.chromium.org/p/gerrit/issues/detail?id=8806):
Fix online reindex to new index version.
* Change default Elasticsearch prefix to `gerrit_`.
### 2.15.1
* [Issue 8677](https://bugs.chromium.org/p/gerrit/issues/detail?id=8677):
Fix internal error when sending raw input to PUT and POST REST endpoints. In
particular, this caused errors when using the plugin manager to update or
install plugins.
* [Issue 5181](https://bugs.chromium.org/p/gerrit/issues/detail?id=5181):
Limit assignee suggestion to users that can see the change.
* [Issue 6112](https://bugs.chromium.org/p/gerrit/issues/detail?id=6112):
Add support for "Included In" in the PolyGerrit change screen.
* [Issue 6583](https://bugs.chromium.org/p/gerrit/issues/detail?id=6583):
Fix false negatives for edits due to rebase.
* [Issue 8574](https://bugs.chromium.org/p/gerrit/issues/detail?id=8574):
Fix refresh of PolyGerrit change list with "Shift + R".
* [Issue 8703](https://bugs.chromium.org/p/gerrit/issues/detail?id=8703):
Fix false warning in server log when creating a new project.
* [Issue 8252](https://bugs.chromium.org/p/gerrit/issues/detail?id=8252):
Improve error message in PolyGerrit when adding a group member to a group that
does not exist or is not viewable for the current user.
* Allow admins to toggle the WIP flag on all changes.
* Fix internal server error when group UUID cannot be resolved when getting audit log.
* Display group UUID in group audit log if group name is missing.
The group name can be missing if there is no group backend that handles the
group. This can happen for example if a plugin that handled the group was
removed.
* Fix removal of email/password on external ID update.
* Replication plugin:
* Fix creation of missing repository.
When replicating to a destination where the repository does not exist,
updating the `HEAD` reference failed because the passed reference name was
not absolute.
* Add documentation of how to exclude repositories from replication.
* Fix logging of new project creation and project deletion.
The "created" and "deleted" logs were emitted even when the operation
failed.
* Allow graceful rolling restarts
Set a graceful stop timeout for allowing Jetty to wait for incoming requests
to be completed before shutting down its sockets.