Merge branch 'stable-2.11'

* stable-2.11:
  Position cursor on first column on diff chunk navigation
  Restore default Codemirror cursor style
  Update 2.11.1 release notes
  Update replication plugin
  rest-api-changes.txt: fix minor spelling mistake
  Fix various spelling mistakes
  Prolog-Cookbook: tidy up rule status descriptions
  Upgrade replication plugin
  Always add SecureStore module in WebAppInitializer
  Batch index executor: Don't fall back to interactive executor
  Fix minor typo in set-account command documentation
  ChangeJson: Don't load all approvals on closed changes
  ChangeJson: Less eager loading of patch sets
  ChangeJson: Eliminate patch set loading in search results
  Remove StoredValues.PATCH_SET
  Update 2.11.1 release notes
  JarPluginProvider: Add JarScanner on running plugin JAR file
  GitWeb config: Delete temporary config on exit
  Fix description of auth.* parameters

Change-Id: I9fc13aa3665c29e488d49a36c9b57f908a74c2f8

Documentation/access-control.txt

@@ -874,7 +874,7 @@ Suggested access rights to grant:
 If it's desired to have the possibility to upload temporarily hidden
 changes there's a specific permission for that.  This enables someone
 to add specific reviewers for early feedback before making the change
-publically visible.  If you want to allow others than the owners to
+publicly visible.  If you want to allow others than the owners to
 publish a draft you also need to grant them `Publish Drafts`.
 
 Optional access rights to grant:

Documentation/cmd-set-account.txt

@@ -65,7 +65,7 @@ This most likely requires double quoting the value, for example
     Delete an email from this user's account if it exists.
     If the email provided is 'ALL', all associated emails are
     deleted from this account.
-    Maybe supplied more than once to remove multiple emails
+    May be supplied more than once to remove multiple emails
     from an account in a single command execution.
 
 --preferred-email::

Documentation/config-gerrit.txt

@@ -337,26 +337,27 @@ If not set, the redirect returns to the list of all open changes.
 [[auth.registerUrl]]auth.registerUrl::
 +
 Target for the "Register" link in the upper right corner.  Used only
-when `auth.type` is `LDAP`.
+when `auth.type` is `LDAP`, `LDAP_BIND` or `CUSTOM_EXTENSION`.
 +
 If not set, no "Register" link is displayed.
 
 [[auth.registerText]]auth.registerText::
 +
 Text for the "Register" link in the upper right corner.  Used only
-when `auth.type` is `LDAP`.
+when `auth.type` is `LDAP`, `LDAP_BIND` or `CUSTOM_EXTENSION`.
 +
 If not set, defaults to "Register".
 
 [[auth.editFullNameUrl]]auth.editFullNameUrl::
 +
 Target for the "Edit" button when the user is allowed to edit their
-full name.
+full name.  Used only when `auth.type` is `LDAP`, `LDAP_BIND` or
+`CUSTOM_EXTENSION`.
 
 [[auth.httpPasswordUrl]]auth.httpPasswordUrl::
 +
 Target for the "Obtain Password" link.  Used only when `auth.type` is
-`LDAP`, `LDAP_BIND` or `CUSTOM_EXTENSION`.
+`CUSTOM_EXTENSION`.
 
 [[auth.switchAccountUrl]]auth.switchAccountUrl::
 +
@@ -1204,7 +1205,7 @@ much more predictable behavior.
 Size of the buffer to store logging events for asynchronous logging.
 Putting a larger value can protect threads from stalling when the
 AsyncAppender threads are not fast enough to consume the logging events
-from the buffer. It also protects from loosing log entries in this case.
+from the buffer. It also protects from losing log entries in this case.
 +
 Default is 64 entries.
 
@@ -2195,8 +2196,8 @@ is iset).
 Number of threads to use for indexing in background operations, such as
 online schema upgrades.
 +
-If not set or set to a negative value, defaults to using the same
-thread pool as interactive operations (unless
+If not set or set to a negative value, defaults to logical number of CPU
+cores as returned by the JVM (unless
 link:#changeMerge.threadPoolSize[changeMerge.threadPoolSize] is set).
 
 [[index.onlineUpgrade]]index.onlineUpgrade::

Documentation/dev-inspector.txt

@@ -240,7 +240,7 @@ to the error log:
 
 ----
 [2012-04-17 14:20:30,558] INFO  com.google.gerrit.pgm.shell.JythonShell : Jython shell instance created.
-[2012-04-17 14:20:38,005] ERROR com.google.gerrit.pgm.shell.JythonShell : Exception occured while loading file Startup.py :
+[2012-04-17 14:20:38,005] ERROR com.google.gerrit.pgm.shell.JythonShell : Exception occurred while loading file Startup.py :
 java.lang.reflect.InvocationTargetException
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

Documentation/prolog-cookbook.txt

@@ -141,15 +141,14 @@ be any other string (see examples below). The `status` is one of:
 
 * `ok(user(ID))` or just `ok(_)` if user info is not important. This status is
   used to tell that this label/category has been met.
-* `need(_)` is used to tell that this label/category is needed for change to
-  become submittable
-* `reject(user(ID))` or just `reject(_)`. This status is used to tell that
-  label/category is blocking change submission
-* `impossible(_)` is used when the logic knows that the change cannot be
-  submitted as-is. Administrative intervention is probably required. This is
-  meant for cases where the logic requires members of "FooEng" to score
-  `Code-Review +2` on a change, but nobody is in group "FooEng". It is to hint
-  at permissions misconfigurations.
+* `need(_)` is used to tell that this label/category is needed for the change to
+   become submittable.
+* `reject(user(ID))` or just `reject(_)`. This status is used to tell that this
+   label/category is blocking submission of the change.
+* `impossible(_)` is used when the logic knows that the change cannot be submitted
+   as-is. This is meant for cases where the logic requires members of a specific
+   group to apply a specific label on a change, but no users are in that group.
+   This is usually caused by misconfiguration of permissions.
 * `may(_)` allows expression of approval categories that are optional, i.e.
   could either be set or unset without ever influencing whether the change
   could be submitted.

Documentation/rest-api-changes.txt

@@ -1687,7 +1687,7 @@ Rebases change edit on top of latest patch set.
 ----
 
 When change was rebased on top of latest patch set, response
-"`204 No Content`" is returned. When change edit is aready
+"`204 No Content`" is returned. When change edit is already
 based on top of the latest patch set, the response
 "`409 Conflict`" is returned.
 

ReleaseNotes/ReleaseNotes-2.10.1.txt

@@ -23,7 +23,7 @@ LDAP
 ----
 
 * Several performance improvements when using LDAP, both in the number of LDAP
-requests and in the amount of data transfered.
+requests and in the amount of data transferred.
 
 * Sites using LDAP for authentication but otherwise rely on local Gerrit groups
 should set the new `ldap.fetchMemberOfEagerly` option to `false`.

ReleaseNotes/ReleaseNotes-2.10.3.txt

@@ -33,7 +33,7 @@ New Features
 +
 OpenID auth scheme is aware of optional OAuth2 plugin-based authentication.
 This feature is considered to be experimental and hasn't reached full feature set yet.
-Particularly, linking of user identities accross protocol boundaries and even from
+Particularly, linking of user identities across protocol boundaries and even from
 one OAuth2 identity to another OAuth2 identity wasn't implemented yet.
 
 Configuration

ReleaseNotes/ReleaseNotes-2.10.4.txt

@@ -12,7 +12,7 @@ New Features
 
 * Support identity linking in hybrid OpenID and OAuth2 authentication.
 +
-Linking of user identities accross protocol boundaries and from one OAuth2
+Linking of user identities across protocol boundaries and from one OAuth2
 identity to another OAuth2 identity is supported.
 
 * Support identity linking in OAuth2 extension point.

ReleaseNotes/ReleaseNotes-2.11.1.txt

@@ -19,7 +19,7 @@ New Features
 * link:http://code.google.com/p/gerrit/issues/detail?id=321[Issue 321]:
 Use in-memory Lucene index for a better reviewer suggestion.
 +
-Instead of a linear full text search through a list of accounts use an
+Instead of a linear full text search through a list of accounts, use an
 in-memory Lucene index. The index is periodically refreshed. The refresh period
 is configurable via the
 link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.11.1/config-gerrit.html#suggest.fullTextSearchRefresh[
@@ -29,7 +29,27 @@ suggest.fullTextSearchRefresh] parameter.
 Bug Fixes
 ---------
 
-* Fix PatchLineCommentsUtil.draftByChangeAuthor.
+* link:http://code.google.com/p/gerrit/issues/detail?id=3363[Issue 3363]:
+Fix performance degrade in background mergeability checks.
++
+When neither `index.batchThreads` nor `changeMerge.threadPoolSize` was defined,
+the background mergeability check fell back to using an interactive executor.
++
+This led to a severe performance degradation during git push operations because
+the `ref-update` listener was reindexing all open changes on the target branch
+interactively. The degradation increased linearly with number of open changes on
+the target branch.
++
+Now, instead of indexing interactively, it falls back to a batch thread pool
+with the logical number of available CPUs.
+
+* Reduce unnecessary database access when queryng changes.
++
+Searching for changes was retrieving more information than necessary from the
+database. This has been optimized to reduce database access and make better use
+of the secondary index.
+
+* Fix `PatchLineCommentsUtil.draftByChangeAuthor`.
 +
 There is not a native index for this, and the ReviewDb case was not properly
 filtering a result by change.
@@ -53,7 +73,7 @@ was not becoming owner of the created project, because only project owners can
 edit the `project.config` file.
 
 * link:http://code.google.com/p/gerrit/issues/detail?id=3342[Issue 3342]:
-Log IOExceptions on failure to update project configuration.
+Log `IOException` on failure to update project configuration.
 +
 Without logging these exceptions it's hard to guess why the update of the
 project configuration is failing.
@@ -61,23 +81,55 @@ project configuration is failing.
 * Don't show stack trace when failing to build BloomFilter during reindex.
 
 * link:http://code.google.com/p/gerrit/issues/detail?id=3337[Issue 3337]:
-Reenable revert button when revert is cancelled.
+Reenable 'Revert' button when revert is cancelled.
 
 * link:http://code.google.com/p/gerrit/issues/detail?id=3325[Issue 3325]:
 Add missing `--newrev` parameter to the
 link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.11.1/config-hooks.html#_change_merged[
 change-merged hook documentation].
 
-* Fix gc_log when running in a web container.
+* Fix `gc_log` when running in a web container.
 +
-All logs supposed to be in gc_log file were ending up in main log instead when
-deploying Gerrit in a web container.
+All logs supposed to be in the `gc_log` file were ending up in the main log
+instead when deploying Gerrit in a web container.
+
+* Fix binding of SecureStore modules.
++
+The SecureStore modules were not correctly added when Gerrit was deployed in a
+web container with the site path configured using the `gerrit.site_path`
+property.
+
+* link:http://code.google.com/p/gerrit/issues/detail?id=3310[Issue 3310]:
+Fix disabling plugins when Gerrit is running on Windows.
++
+When running Gerrit on Windows it was not possible to disable a plugin due to an
+error renaming the plugin's JAR file.
+
+* Remove temporary GitWeb config on Gerrit exit.
++
+A temporary directory was being created but not removed.
 
 * link:http://code.google.com/p/gerrit/issues/detail?id=3346[Issue 3346]:
 Fix typo in the
 link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.11.1/config-reverseproxy.html[
 Apache 2 configuration documentation].
 
+* link:http://code.google.com/p/gerrit/issues/detail?id=3346[Issue 3346]:
+Fix incorrect documentatation of
+link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.11.1/config-gerrit.html#auth.registerUrl[
+auth types].
+
+* Replication plugin
+
+** Fix creation of missing repositories.
++
+Missing projects were not being created on the destination.
+
+** Emit replication status events after initial full sync.
++
+When `replicateOnStartup` is enabled, the plugin was not emitting the status
+events after the initial sync.
+
 Updates
 -------
 

ReleaseNotes/ReleaseNotes-2.5.txt

@@ -923,11 +923,11 @@ Eclipse 3 writes a timestamp at the top of these files making the Git
 working tree dirty.  Eclipse 4 (Juno) still overwrites these files but
 doesn't write the timestamp.  This should help to keep the working tree
 clean.  However, since the timestamp is currently present in these
-files, Eclispe 4 would still make them dirty by overwriting and
+files, Eclipse 4 would still make them dirty by overwriting and
 effectively removing the timestamp.
 +
 This change removes the timestamp from these files. This helps those
-using Eclipse 4 and doesn't make it worse for those still using Eclispe
+using Eclipse 4 and doesn't make it worse for those still using Eclipse
 3.
 
 * Add Maven profile to skip build of plugin modules

ReleaseNotes/ReleaseNotes-2.8.txt

@@ -625,7 +625,7 @@ Configuration
 
 * Do not persist default project state in `project.config`.
 
-* Honor the `gerrit.cannonicalWebUrl` setting when opening the browser after init.
+* Honor the `gerrit.canonicalWebUrl` setting when opening the browser after init.
 
 * Fix 'query disabled' error when Query Limit is set.
 

gerrit-gwtui/src/main/java/com/google/gerrit/client/diff/ChunkManager.java

@@ -317,7 +317,7 @@ class ChunkManager {
 
         DiffChunkInfo target = chunks.get(res);
         CodeMirror targetCm = host.getCmFromSide(target.getSide());
-        targetCm.setCursor(Pos.create(target.getStart()));
+        targetCm.setCursor(Pos.create(target.getStart(), 0));
         targetCm.focus();
         targetCm.scrollToY(
             targetCm.heightAtLine(target.getStart(), "local") -

gerrit-gwtui/src/main/java/com/google/gerrit/client/diff/DiffTable.ui.xml

@@ -22,7 +22,7 @@ limitations under the License.
     @external .CodeMirror-linenumber;
     @external .CodeMirror-overlayscroll-vertical, .CodeMirror-scroll;
     @external .CodeMirror-dialog-bottom;
-    @external .cm-animate-fat-cursor, .CodeMirror-cursor;
+    @external .CodeMirror-cursor;
 
     .fullscreen {
       background-color: #f7f7f7;
@@ -116,18 +116,7 @@ limitations under the License.
       cursor: pointer;
     }
     .difftable .CodeMirror div.CodeMirror-cursor {
-      background: transparent;
-      text-decoration: underline;
-      border: none;
-      z-index: 2;
-    }
-    .difftable .cm-animate-fat-cursor {
-      text-decoration: underline;
-      border: none;
-      animation: none;
-      -webkit-animation: none;
-      -moz-animation: none;
-      -o-animation: none;
+      border-left: 2px solid black;
     }
     .difftable .CodeMirror-dialog-bottom {
       border-top: 0;

gerrit-gwtui/src/main/java/com/google/gerrit/client/ui/OnEditEnabler.java

@@ -87,7 +87,7 @@ public class OnEditEnabler implements KeyPressHandler, KeyDownHandler,
     // Resetting the "original text" on focus ensures that we are
     // up to date with non-user updates of the text (calls to
     // setText()...) and also up to date with user changes which
-    // occured after enabling "widget".
+    // occurred after enabling "widget".
     tb.addFocusHandler(new FocusHandler() {
         @Override
         public void onFocus(FocusEvent event) {

gerrit-gwtui/src/main/java/net/codemirror/lib/CodeMirror.java

@@ -219,7 +219,7 @@ public class CodeMirror extends JavaScriptObject {
     if (lineAtHeight(height - 20) < line) {
       scrollToY(heightAtLine(line, "local") - 0.5 * height);
     }
-    setCursor(Pos.create(line));
+    setCursor(Pos.create(line, 0));
   }
 
   public final native ScrollInfo getScrollInfo() /*-{

gerrit-httpd/src/main/java/com/google/gerrit/httpd/gitweb/GitWebServlet.java

@@ -165,6 +165,8 @@ class GitWebServlet extends HttpServlet {
     myconfFile.setWritable(true, true /* owner only */);
     myconfFile.setReadable(true, true /* owner only */);
 
+    myconfFile.deleteOnExit();
+
     _env.set("GIT_DIR", ".");
     _env.set("GITWEB_CONFIG", myconf.toAbsolutePath().toString());
 

gerrit-pgm/src/main/java/com/google/gerrit/pgm/JythonShell.java

@@ -191,9 +191,9 @@ public class JythonShell {
           + " is not found or not executable");
       }
     } catch (InvocationTargetException e) {
-      log.error("Exception occured while loading file " + p + " : ", e);
+      log.error("Exception occurred while loading file " + p + " : ", e);
     } catch (SecurityException e) {
-      log.error("SecurityException occured while loading file " + p + " : ", e);
+      log.error("SecurityException occurred while loading file " + p + " : ", e);
     }
   }
 
@@ -204,7 +204,7 @@ public class JythonShell {
         new Object[] { in, p }
       );
     } catch (InvocationTargetException e) {
-      log.error("Exception occured while loading " + p + " : ", e);
+      log.error("Exception occurred while loading " + p + " : ", e);
     }
   }
 

gerrit-server/src/main/java/com/google/gerrit/server/index/IndexModule.java

@@ -114,7 +114,6 @@ public class IndexModule extends LifecycleModule {
   @Singleton
   @IndexExecutor(BATCH)
   ListeningExecutorService getBatchIndexExecutor(
-      @IndexExecutor(INTERACTIVE) ListeningExecutorService interactive,
       @GerritServerConfig Config config,
       WorkQueue workQueue) {
     if (batchExecutor != null) {
@@ -125,7 +124,7 @@ public class IndexModule extends LifecycleModule {
       threads = config.getInt("changeMerge", null, "threadPoolSize", 0);
     }
     if (threads <= 0) {
-      return interactive;
+      threads = Runtime.getRuntime().availableProcessors();
     }
     return MoreExecutors.listeningDecorator(
         workQueue.createQueue(threads, "Index-Batch"));

gerrit-server/src/main/java/com/google/gerrit/server/plugins/JarPluginProvider.java

@@ -142,7 +142,7 @@ public class JarPluginProvider implements ServerPluginProvider {
           new URLClassLoader(urls.toArray(new URL[urls.size()]),
               PluginLoader.parentFor(type));
 
-      JarScanner jarScanner = createJarScanner(srcJar);
+      JarScanner jarScanner = createJarScanner(tmp);
       ServerPlugin plugin = new ServerPlugin(name, description.canonicalUrl,
           description.user, srcJar, snapshot, jarScanner,
           description.dataDir, pluginLoader);

gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectCache.java

@@ -32,7 +32,7 @@ public interface ProjectCache {
    * Get the cached data for a project by its unique name.
    *
    * @param projectName name of the project.
-   * @return the cached data; null if no such project exists or a error occured.
+   * @return the cached data; null if no such project exists or a error occurred.
    * @see #checkedGet(com.google.gerrit.reviewdb.client.Project.NameKey)
    */
   public ProjectState get(Project.NameKey projectName);

gerrit-war/src/main/java/com/google/gerrit/httpd/WebAppInitializer.java

@@ -211,6 +211,7 @@ public class WebAppInitializer extends GuiceServletContextListener
   private Injector createDbInjector() {
     final List<Module> modules = new ArrayList<>();
     AbstractModule secureStore = createSecureStoreModule();
+    modules.add(secureStore);
     if (sitePath != null) {
       Module sitePathModule = new AbstractModule() {
         @Override
@@ -244,7 +245,6 @@ public class WebAppInitializer extends GuiceServletContextListener
       });
 
     } else {
-      modules.add(secureStore);
       modules.add(new LifecycleModule() {
         @Override
         protected void configure() {