= Release notes for Gerrit 2.11.4

Gerrit 2.11.4 is now available:

link:https://gerrit-releases.storage.googleapis.com/gerrit-2.11.4.war[
https://gerrit-releases.storage.googleapis.com/gerrit-2.11.4.war]

Gerrit 2.11.4 includes the bug fixes done with
link:ReleaseNotes-2.10.7.html[Gerrit 2.10.7]. These bug fixes are *not* listed
in these release notes.

There are no schema changes from link:ReleaseNotes-2.11.3.html[2.11.3].


== Bug Fixes

* Fix NullPointerException in `ls-project` command with `--has-acl-for` option.
+
Using the `--has-acl-for` option for external groups (e.g. LDAP groups) was
causing a NullPointerException.

* link:https://code.google.com/p/gerrit/issues/detail?id=3328[Issue 3328]:
Allow to push a tag that points to a non-commit object.
+
When pushing a tag that points to a non-commit object, like
link:https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tag/?id=v2.6.11[
`v2.6.11` on linux-stable] which points to a tree, or
link:https://git.eclipse.org/c/jgit/jgit.git/tag/?id=spearce-gpg-pub[
`spearce-gpg-pub` on jgit] which points to a blob, Gerrit rejected the push with
the error message 'missing object(s)'.
+
Note: This was previously fixed in Gerrit version 2.11.1, but was inadvertently
reverted in 2.11.2 and 2.11.3.

* link:https://code.google.com/p/gerrit/issues/detail?id=2817[Issue 2817]:
Insert `Change-Id` footer into access right changes.
+
When modifications of access rights were saved for review, the change
did not have a `Change-Id` footer in the commit message.

* Fix duplicated log lines after reloading a plugin.
+
If a plugin was reloaded, logs emitted from the plugin were duplicated.

* Remove `--recheck-mergeable` option from `reindex` command documentation.
+
The `--recheck-mergeable` option was removed in Gerrit version 2.11.

* Use the correct validation policy for commits created by Gerrit.
+
Commits created by Gerrit were being validated in the same way as commits
received from users.

* link:https://code.google.com/p/gerrit/issues/detail?id=3557[Issue 3557]:
Disallow invalid reference patterns in project configuration.
+
When editing a project configuration by using the UI or by submitting a change
to `refs/meta/config`, it was possible to add a permission to an invalid
reference pattern. This caused the project to be unavailable and the `ls-projects`
command to fail whenever this project was encountered.

* link:https://code.google.com/p/gerrit/issues/detail?id=3574[Issue 3574]:
Fix review labels with `AnyWithBlock` function.
+
The review labels with `AnyWithBlock` with 0 and +1 values blocked submit when
reviewers were added.

* Fix ref in tag list for signed/annotated tags.
+
The tag name from the header was used, rather than the ref name. In some cases
this resulted in the wrong tag ref being listed.

* Prevent user from bypassing `ref-update` hook through gerrit-created commits.
+
If the user used the cherry-pick ability in the UI or via the REST API, they
could put a commit on a branch that bypassed the requirements of the `ref-update`
hook (such as that certain branches require QA-tickets to be referenced in the
commit message).

* Allow `InternalUsers` to see drafts.
+
According to the documentation, `InternalUsers` should have full read access.
This was not true, since `InternalUsers` could not see drafts.

* link:https://code.google.com/p/gerrit/issues/detail?id=2683[Issue 2683]:
Fix non-ASCII password authentication failure under tomcat (LDAP).
+
The authentication with LDAP failed when the password contained non-ASCII
characters such as ä, ö, Ä, and Ö.

* Do not double decode the login URL token.
+
The login URL token used to redirect from the login servlet to the target page
is already decoded and should not be decoded again.

* link:https://code.google.com/p/gerrit/issues/detail?id=3020[Issue 3020]:
Include approvals specified on push in change message.
+
When using the `%l` option to apply a review label on uploaded changes or
patch sets, the applied label was not mentioned in the change message.

* Fire the `comment-added` hook for approvals specified on push.
+
When using the `%l` option to apply a review label on uploaded changes or
patch sets, the `comment-added` hook was not being fired.

* link:https://code.google.com/p/gerrit/issues/detail?id=3602[Issue 3602]:
Use uploader for approvals specified on push, not the committer.
+
When using the `%l` option to apply a review label on uploaded changes or
patch sets, the review label was in some cases applied as the committer rather
than the uploader.

* link:https://code.google.com/p/gerrit/issues/detail?id=3531[Issue 3531]:
Fix internal server error on unified diff screen for anonymous users.

* link:https://code.google.com/p/gerrit/issues/detail?id=2414[Issue 2414]:
Improve detection of requiring sign-in.
+
Some queries, such as the `has:*` operators, require the user to be signed in.
+
Also, when handling a REST API failure, detect 'Invalid authentication' responses
as also requiring a new session.

* link:https://code.google.com/p/gerrit/issues/detail?id=3052[Issue 3052]:
Fix 'Conflicts With' list for merge commits.
+
The 'Conflicts List' was not being populated correctly if the change being viewed
was a merge commit, or if the change being viewed conflicted with an open merge
commit.

== Plugin Bugfixes

* singleusergroup: Allow to add a user to a project's ACL using `user/username`.
+
A user could not be added to a project's ACL unless the user already had READ
permission in the project's ACL.

* replication: Add waiting time and number of retries to replication log.
+
Only the replication execution time was printed in the 'replication completed'
log statement. The waiting time and retry count is added, to help debug
replication delays.