Release notes for Gerrit 2.5 ============================ Gerrit 2.5 is now available: link:http://code.google.com/p/gerrit/downloads/detail?name=gerrit-full-2.5.war[http://code.google.com/p/gerrit/downloads/detail?name=gerrit-full-2.5.war] Gerrit 2.5 includes the bug fixes done with link:ReleaseNotes-2.4.1.html[Gerrit 2.4.1] and link:ReleaseNotes-2.4.2.html[Gerrit 2.4.2]. These bug fixes are *not* listed in these release notes. Schema Change ------------- *WARNING:* This release contains schema changes. To upgrade: ---- java -jar gerrit.war init -d site_path ---- *WARNING:* Upgrading to 2.5.x requires the server be first upgraded to 2.1.7 (or a later 2.1.x version), and then to 2.5.x. If you are upgrading from 2.2.x.x or newer, you may ignore this warning and upgrade directly to 2.5.x. Warning on upgrade to schema version 68 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The migration to schema version 68, may result in a warning, which can be ignored when running init in the interactive mode. E.g. this warning may look like this: ---- Upgrading database schema from version 67 to 68 ... warning: Cannot create index for submodule subscriptions Duplicate key name 'submodule_subscriptions_access_bySubscription' Ignore warning and proceed with schema upgrade [y/N]? ---- This migration is creating an index for the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/user-submodules.html[submodule feature] in Gerrit. When the submodule feature was introduced the index was only created when a new site was initialized, but not when Gerrit was upgraded. This migration tries to create the index, but it will only succeed if the index does not exist yet. If the index exists already, the creation of the index will fail. There was no database independent way to detect this case and this is why this migration leaves it to the user to decide if a failure should be ignored or not. If from the error message you can see that the migration failed because the index exists already (as in the example above), you can safely ignore this warning. Upgrade Warnings ---------------- [[replication]] Replication ~~~~~~~~~~~ Gerrit 2.5 no longer includes replication support out of the box. Servers that reply upon `replication.config` to copy Git repository data to other locations must also install the replication plugin. Cache Configuration ~~~~~~~~~~~~~~~~~~~ Disk caches are now backed by individual H2 databases, rather than Ehcache's own private format. Administrators are encouraged to clear the `'$site_path'/cache` directory before starting the new server. The `cache.NAME.diskLimit` configuration variable is now expressed in bytes of disk used. This is a change from previous versions of Gerrit, which expressed the limit as the number of entries rather than bytes. Bytes of disk is a more accurate way to size what is held. Admins that set this variable must update their configurations, as the old values are too small. For example a setting of `diskLimit = 65535` will only store 64 KiB worth of data on disk and can no longer hold 65,000 patch sets. It is recommended to delete the diskLimit variable (if set) and rely on the built-in default of `128m`. The `cache.diff.memoryLimit` and `cache.diff_intraline.memoryLimit` configuration variables are now expressed in bytes of memory used, rather than number of entries in the cache. This is a change from previous versions of Gerrit and gives administrators more control over how memory is partitioned within a server. Admins that set this variable must update their configurations, as the old values are too small. For example a setting of `memoryLimit = 1024` now means only 1 KiB of data (which may not even hold 1 patch set), not 1024 patch sets. It is recommended to set these to `10m` for 10 MiB of memory, and increase as necessary. The `cache.NAME.maxAge` variable now means the maximum amount of time that can elapse between reads of the source data into the cache, no matter how often it is being accessed. In prior versions it meant how long an item could be held without being requested by a client before it was discarded. The new meaning of elapsed time before consulting the source data is more useful, as it enables a strict bound on how stale the cached data can be. This is especially useful for slave servers account and permission data, or the `ldap_groups` cache, where updates are often made to the source without telling Gerrit to reload the cache. New Features ------------ Plugins ~~~~~~~ The Gerrit server functionality can be extended by installing plugins. Depending on how tightly the extension code is coupled with the Gerrit server code, there is a distinction between link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#plugin[plugins] and link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#extension[extensions]. * link:#replication[Move replication logic to replication plugin] + This splits all of the replication code out of the core server and moves it into a standard plugin. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html[Documentation about plugin development] including instructions for: ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#getting-started[how to get started with plugin development] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#deployment[plugin deployment/installation] * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#API[API for plugins and extensions] * Support for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#ssh[SSH command plugins] + Allows plugin developers to declare additional SSH commands. * Enable link:#ssh-alias[aliases for SSH commands] + Site administrators can alias SSH commands from a plugin into the `gerrit` namespace. + The aliases are configured statically at server startup, but are resolved dynamically at invocation time to the currently loaded version of the plugin. If the plugin is not loaded, or does not define the command, "not found" is returned to the user. * Support for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#http[HTTP plugins] + Plugins may contribute to the /plugins/NAME/ URL space. * Automatic registration of plugin bindings + If a plugin has no modules declared in the manifest, automatically generate the modules for the plugin based on the class files that appear in the plugin and the `@Export` annotations that appear on these concrete classes. + For any non-abstract command that extends SshCommand, plugins may declare the command with `@Export("name")` to link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#ssh[bind the implementation as that SSH command]. + Likewise link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#http[HTTP servlets can also be bound to URLs]. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#data-directory[Support a data directory for plugins on demand] * Support serving static/ and Documentation/ from plugins + The static/ and Documentation/ resource directories of a plugin can be served over HTTP for any loaded and running plugin, even if it has no other HTTP handlers. This permits a plugin to supply icons or other graphics for the web UI, or documentation content to help users learn how to use the plugin. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#documentation[Auto-formatting of plugin HTTP pages from Markdown files] + If Gerrit detects that a requested plugin resource does not exist, but instead a file with a `.md` extension does exist, Gerrit opens the `.md` file and reformats it as html. * Support of link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#macros[macros in Markdown plugin documentation] * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#auto-index[Automatic generation of an index for the plugin documentation] * Support for audit plugins + Plugins can implement an `AuditListener` to be informed about auditable actions: + ---- @Listener public class MyAuditTrail extends AuditListener ---- + The plugin must define a plugin module that binds the implementation of the audit listener in the `configure()` method: + ---- DynamicSet.bind(binder(), AuditListener.class).to(MyAuditTrail.class); ---- * Web UI for plugins + Administrators can see the list of installed plugins in the WebUI under `Admin` > `Plugins`. For each plugin the plugin status is shown and it is possible to navigate to the plugin documentation. * Servlet to list plugins + Administrators can retrieve plugin information from a REST interface by loading `/a/plugins/`. * Support SSH commands to ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-plugin-ls.html[list the installed plugins] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-plugin-install.html[install plugins] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-plugin-enable.html[enable plugins] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-plugin-remove.html[disable plugins] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-plugin-reload.html[reload plugins] * Support installation of core plugin on site initialization * Automatically load/unload/reload plugins + The PluginScanner thread runs every 1 minute by default and loads any newly created plugins, unloads any deleted plugins, and reloads any plugins that have been modified. + The check frequency can be configured by setting link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#plugins.checkFrequency[ plugins.checkFrequency] in the Gerrit config file. By configuration the scanner can also be disabled. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#classpath[Loading of plugins in own ClassLoader] * Plugin cleanup in the background + When a plugin is stopped, schedule a Plugin Cleaner task to run 1 minute later to try and clean out the garbage and release the JAR from `$site_path/tmp`. * Export `LifecycleListener` as extension point + Extensions may need to know when they are starting or stopping. Export the interface that they can use to learn this information. * Support injection of `ServerInformation` into extensions and plugins + Plugins can take this value by injection and learn the current server state during their own LifecycleListener. This enables a plugin to determine if it is loading as part of server startup, or because it was dynamically installed or reloaded by an administrator. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-plugins.html#getting-started[Maven archetype for creating gerrit plugin projects] * Enables the use of session management in Jetty + This enables plugins to make use of servlet sessions. REST API ~~~~~~~~ Gerrit now supports a REST like API available over HTTP. The API is suitable for automated tools to build upon, as well as supporting some ad-hoc scripting use cases. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api.html[Documentation of the REST API] * Support REST endpoints to ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api-changes.html[query changes] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api-projects.html[list projects] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api-projects.html#suggest-projects[suggest projects] ** link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api-accounts.html#list-account-capabilities[query the global capabilities of the calling user] * Support link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api.html#authentication[anonymous and authenticated access] to the REST endpoints * Support link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api.html#output[JSON output format] for the REST endpoints The new REST API is used from the Gerrit WebUI. Some of the methods from the old internal JSON-RPC interface were completely replaced by the new REST API and got deleted: * `ProjectAdminService.visibleProjects(AsyncCallback)` * `ProjectAdminService.suggestParentCandidates(AsyncCallback>)` * `ChangeListService.myStarredChangeIds(AsyncCallback>)` * `ChangeListService.allQueryNext(String, String, int, AsyncCallback)` * `ChangeListService.allQueryPrev(String, String, int, AsyncCallback)` * `ChangeListService.forAccount(Account.Id, AsyncCallback)` [[query-deprecation]] In addition the `/query` API has been deprecated. By default it is still available but server administrators may disable it by setting the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#site.enableDeprecatedQuery[ `site.enableDeprecatedQuery`] parameter in the Gerrit config file. This allows to enforce tools to move to the new API. Web ~~~ Change Screen ^^^^^^^^^^^^^ * Display commit message in a box + The commit message on the change screen is now placed in a box with a title and emphasis on the commit summary. The star icon and the permalink are displayed in the box header. The header from the change screen is removed as it only held duplicate information. * Open the dependency section automatically when the change is needed by an open change * Only show a change as needed by if its current patch set depends on the change * Show only changes of the same project in the 'Depends On' section + If two projects share the same history it can happen that the same commit is pushed for both projects, resulting in two changes. If now a successor commit is pushed for one of the projects, the resulting successor change was wrongly listing both changes in the 'Depends On' section. Now only the predecessor change of the own project is listed. * link:http://code.google.com/p/gerrit/issues/detail?id=1383[issue 1383]: Display the approval table on the PublishCommentsScreen. + So far the approval table that shows the reviewers and their current votes was only shown on the ChangeScreen. Now it is also shown on the PublishCommentScreen. This allows the reviewer to see all existing votes and reviewers when doing their own voting and publishing of comments. Seeing the existing votes helps the reviewer in understanding which votes are still required before the change can be submitted. * link:http://code.google.com/p/gerrit/issues/detail?id=1380[issue 1380]: Display time next to change comments + When a comment was posted yesterday, or any time older than 1 day but less than 1 year ago, display the time too. Display "May 2 17:37" rather than just "May 2". * Only show "Can Merge" when the change is new or draft * Allow auto suggesting reviewers to draft changes + Auto completing users for draft changes did't work as the other users didn't have access to the drafts. The visibility check for the reviewer suggestion is now skipped. * link:http://code.google.com/p/gerrit/issues/detail?id=1294[issue 1294]: Shorten subject of parent commit for displaying in the UI + If the parent commit has a very long subject (> 80 characters) shorten the subject for displaying it in the Gerrit web UI on the change screen. This avoids that the 'Parent(s)' cell for the patch set becomes very wide. * If subject is shortened for displaying in the UI indicate this by '...' + If a commit has a very long subject line (> 80 characters) it is shortened when it is displayed in the Gerrit Web UI. Indicate to the user that the subject was shortened by appending '...' to the shortened subject. + Also the subject is now cropped after a whitespace if possible. * Insert Change-Id for revert commits + The 'Revert Change' action on a merged change allows to create a new change that reverts the merged change. The commit message of the revert commit now contains a Change-Id. + It is convenient if a Change-Id is automatically created and inserted into the commit message of the revert commit since it makes rebasing of the revert commit easier. * Use more gentle shade of red to highlight outdated dependencies Patch Screens ^^^^^^^^^^^^^ * New patch screen header + A new patch screen header was added that is displayed above both the side-by-side and unified views. The new header contains actual links to the available patchsets and shows which patchset is being currently displayed. * link:http://code.google.com/p/gerrit/issues/detail?id=1192[issue 1192]: Add download links to the unified diff view * Improvement of the side-by-side viewer table + The line number column for the right side was moved to be on the far right of the table, so that the layout now looks like this: + ---- 1 | foo | bar | 1 2 | hello | hello | 2 ---- + This looks nicer when reading a lot of code, as the line numbers are less relevant than the code itself which is now in the center of the UI. + Line numbers are still links to create comment editors, but they use a light shade of gray and skip the underline decoration, making them less visually distracting. + Skip lines now use a paler shade of blue and also hide the fact they contain anchors, until you hover over them and the anchor shows up. + The expand before and after are changed to be arrows showing in which direction the lines will appear above or below the skip line. * link:http://code.google.com/p/gerrit/issues/detail?id=626[issue 626]: Option to display line endings + There is a new user preference that allows to display Windows EOL/Cr-Lf. '\r' is shown in a dotted-line box (similar to how '\r' is displayed in GitWeb). * Streamlined review workflow + A link was added next to the "Reviewed" checkbox that marks the current patch as reviewed and goes to the next unreviewed patch. * Add key commands to mark a patch as reviewed + Add key commands + . to toggle the reviewed flag for a patch ('m') + and + . to mark the patch as reviewed and navigate to the next unreviewed patch ('M'). * Use download icons instead of the `Download` text links User Dashboard ^^^^^^^^^^^^^^ * Support for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/user-custom-dashboards.html[custom dashboards] * link:http://code.google.com/p/gerrit/issues/detail?id=1407[issue 1407]: Improve highlighting of unreviewed changes in the user's dashboard + A change will be highlighted as unreviewed if + . the user is reviewer of the change but hasn't published any change message for the current patch set . the user has published a change message for the current patch set, but afterwards the change owner has published a change message on the change * Sort outgoing reviews in the user dashboard by created date * Sort incoming reviews in the user dashboard by updated date + Sorting the incoming reviews by last updated date, descending, places the most recently updated reviews at the top of the list for a user, and the oldest stale at the bottom. This may help users to identify items to take immediate action on, as they appear closer to the top. Access Rights Screen ^^^^^^^^^^^^^^^^^^^^ * Display error if modifying access rights for a ref is forbidden + If a user is owner of at least one ref he is able to edit the access rights on a project. If he adds access rights for other refs, these access rights were silently ignored on save. Instead of this now an error message is displayed to inform the user that he doesn't have permissions to do the update for these refs. + In case of such an error the project access screen stays in the edit mode so that the unsaved modifications are not lost. The user may now propose the changes to the access rights through code review. * Allow to propose changes to access rights through code review + Users that are able to upload changes for code review for the `refs/meta/config` branch can now propose changes to the project access rights through code review directly from the ProjectAccessScreen. + When editing the project access rights there is a new button 'Save for Review' which will create a new change for the access rights modifications. Project owners are automatically added as reviewer to this change. If a project owner agrees to the access rights modifications he can simply approve and submit the change. * Show all access rights in WebUI if user can read `refs/meta/config` + Users who can read the `refs/meta/config` branch, can see all access rights by fetching this branch and looking at the `project.config` file. Now they can see the same information in the web UI. * Allow extra group suggestions for project owners + When suggesting groups to a user, only groups that are visible to the user are suggested. These are those group that the user is member of. For project owners now also groups to which they are not a member are suggested when editing the access rights of the project. Other ^^^^^ * link:http://code.google.com/p/gerrit/issues/detail?id=1592[issue 1592]: Ask user to login if change is not found + Accessing a change URL was failing with 'Application Error - The page you requested was not found, or you do not have permission to view this page' if the user was not signed in and the change was not visible to `Anonymous Users`. Instead Gerrit now asks the user to login and afterwards shows the change to the user if it exists and is visible. If the change doesn't exist or is not visible, the user will still get the NotFoundScreen after sign in. * Link to owner query from user names + Instead of linking from a user name to the user's dashboards, link to a search for changes owned by that user. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#gerrit.reportBugUrl[Allow configuring the `Report Bug` URL] + Let site administrators direct users to their own ticket queue, as for many servers most of the reported bugs are small internal problems like asking for a repository to be created or updating group memberships. * On project creation allow choosing the parent project from a popup + In the create project UI a user can now browse all projects and select one as parent for the new project. * Check for open changes on branch deletion + Check for open changes when deleting a branch in the Gerrit WebUI. Delete a branch only if there are no open changes for this branch. This makes users aware of open changes when deleting a branch. * Enable ProjectBranchesScreen for the `All-Projects` project + This allows to see the branches of the `All-Projects` project in the web UI. * Show for each project in the project list a link to the repository browser (e.g. GitWeb). * Move the project listing menu items to a new top-level item + Finding the project listing was very opaque to end users. Nobody expected to look under `Admin` and furthermore, anonymous users were unable to find that link at all. + Introduced a new top-level `Projects` menu that has `List` in it to take you to the project listing. + In addition the `Create new project` link from the top of that listing was moved to this new menu. * Move the Groups and Plugins menu items to the top level + The top-level Admin menu is removed as it is now unnecessary after the Projects, Groups and Plugins menu items were moved to the top-level. * Move form for group creation to own screen + Move the form for the group creation from the GroupListScreen to an own new CreateGroupScreen and add a link to this screen at the beginning of the GroupListScreen. The link to the CreateGroupScreen is only visible if the user has the permission to create new groups. * Drop the `Owners` column from the group list screen + The `Owners` column on the group list screen has been dropped in order to link:#performance-issue-on-showing-group-list[speed up the loading of the group list screen]. * Drop the `Group Type` column from the group list screen + Since link:#migrate-ldap-groups[the LDAP group type was removed] there is no need to display the group type on the group list screen anymore. There are only 3 `SYSTEM` groups using well known names, and everything else has the type `INTERNAL`. * When adding a user to a group create an account for the user if needed + Trying to add a user to a group that doesn't have an account fails with '... is not a registered user.'. Now adding a user to a group does not immediately fail if there is no account for the user, but it tries to authenticate the user and if the authentication is successful a user account is automatically created, so that the user can be added to the group. This only works if LDAP is used as user backend. + This allows to add users to groups that did not log in into Gerrit before. * Differentiate between draft changes and draft comments + Show the draft changes of the user when he clicks on `My` > `Drafts`. The user's draft comments are now available under `My` > `Draft Comments`. * Show NotFoundScreen if a user that can't create projects tries to access the ProjectCreationScreen * Add Edit, Reload next to non-editable Full Name field + If the user database is actually an external system users might need go to another server to edit their account data, and then re-import their account data by going through a login cycle. This is highly similar to LDAP where the directory provides account data and its refreshed every time the user visits the `/login/` URL handler. + The URL for the external system can be configured for the link:#custom-extension[`CUSTOM_EXTENSION`] auth type. Access Rights ~~~~~~~~~~~~~ * Restrict rebasing of a change in the web UI to the change owner and the submitter * Add a new link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#category_rebase[ access right to permit rebasing changes in the web UI] * link:http://code.google.com/p/gerrit/issues/detail?id=930[issue 930]: Add new link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#category_abandon[ access right for abandoning changes] * Check if user can upload in order to restore + Restoring a change is similar to uploading a new change. If a branch gets closed by removing the access rights to upload new changes it shouldn't be possible to restore changes for this branch. [[hide-config]] * Make read access to `refs/meta/config` by default exclusive to project owners + When initializing a new site a set of default access rights is configured on the `All-Projects` project. These default access rights include read access on `refs/*` for `Anonymous Users` and read access on `refs/meta/config` for `Project Owners`. Since the read access on `refs/meta/config` for `Project Owners` was not exclusive, `Anonymous users` were able to access the `refs/meta/config` branch which by default should only be accessible by the project owners. Search ~~~~~~ * Offer suggestions for the search operators in the search panel + There are many search operators and it's difficult to remember all of them. Now the search operators are suggested as the user types the query. * Support alias `self` in queries + Writing an expression like "owner:self status:open" will now identify changes that the caller owns and are still open. This `self` alias is valid in contexts where a user is expected as an argument to a query operator. * Add parent(s) revision information to output of query command * Add owner username to output of query command * `/query` API has been link:#query-deprecation[deprecated] SSH ~~~ * link:http://code.google.com/p/gerrit/issues/detail?id=1095[issue 1095] link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-set-account.html[SSH command to manage accounts] * On link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-create-account.html[account creation] a password for HTTP can be specified. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-set-project.html[SSH command to manage project settings] * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-test-submit-rule.html[SSH command to test submit rules] + The command creates a fresh Prolog environment and loads a Prolog script from stdin. `can_submit` is then queried and the results are returned to the user. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-ban-commit.html[SSH command to ban commits] [[ssh-alias]] * Enable aliases for SSH commands + Site administrators can define aliases for SSH commands in the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#ssh-alias[`ssh-alias` section] of the Gerrit configuration. * Add submit records to the output of the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-query.html[query] SSH command: + Add a command line option to the `query` SSH command to include submit records in the output. + This facilitates the querying of information relating to the submit status from the command line and by API clients, including information such as whether the change can be submitted as-is, and whether the submission criteria for each review label has been met. * Support JSON output format for the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-ls-projects.html[ls-projects] SSH command * Support creation of multiple branches in link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-create-project.html[create-project] SSH command + In case if a project has some kind of waterfall automerging a->b->c it is convenient to create all these branches at the project creation time. + e.g. '.. gerrit create-project -b master -b foo -b bar ...' * Add verbose output option to link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-ls-groups.html[ls-groups] command + The verbose mode enabled by the new option makes the ls-groups command output a tab-separated table containing all available information about each group (though not its members). Documentation ~~~~~~~~~~~~~ Commands ^^^^^^^^ * document for the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-create-group.html[`create-group`] command that for unknown users an account is automatically created if the LDAP authentication succeeds * Update documentation and help text for the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-review.html[`review`] SSH command + The review command can be applied to multiple changes, but the help text was written in singular tense. + Add a paragraph in the documentation explaining that the `--force-message` option will not be effective if the `review` command fails because the user is not permitted to change the label. * Clarify that `init --batch` doesn't drop old database objects * Update the list of unsupported slave commands * Fix link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/cmd-stream-events.html[`stream-events`] documentation + Some attributes contained in the events were not described, for a few others the name was given in a wrong case. * Fix and complete synopsis of commands Access Control ^^^^^^^^^^^^^^ * Clarify the ref format for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#category_push_merge[`Push Merge Commit`] + Elaborate on the required format of the ref used for `Push Merge Commit` access right entries to avoid user confusion when granting access to `refs/heads/*` still doesn't allow them to push any merge commits. * Document the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#capability_emailReviewers[ `emailReviewers`] capability Error ^^^^^ * Improve documentation of link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/error-change-closed.html[ `change closed` error] + The `change closed` error can also occur when trying to submit a review label with the SSH review command onto a change that has been closed (submitted and merged, or abandoned) or onto a patchset that has been replaced by a newer patchset. * Correct documentation of `invalid author` and `invalid committer` errors + The error messages `you are not committer ...` and `you are not author ...` were replaced with `invalid author` and `invalid committer`. * Describe that the `prohibited by Gerrit` error is returned if pushing a tag fails because the tagger is somebody else and the `Forge Committer` access right is not assigned. Dev ^^^ * Update push URL in link:../SUBMITTING_PATCHES[SUBMITTING_PATCHES] + Pushes are now accepted at the same address as clone/fetch/pull. * Update link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-contributing.html[contributor document] + We now prefer to use Guava (previously known as Google Collections). * Fixed broken link to source code + Updated the documentation source code links to point to: http://code.google.com/p/gerrit/source/checkout * State link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-eclipse.html#known-problems[known issues] when debugging Gerrit with Eclipse * Improved the section on link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-eclipse.html#hosted-mode[hosted mode debugging] + The existing section on hosted mode debugging left out a couple of steps, and the requirement to use `DEVELOPMENT_BECOME_ANY_ACCOUNT` instead of `OpenID` was not mentioned anywhere. * Add a link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-release.html[release preparation document] + Document what it takes to make a Gerrit stable or stable-fix release, and how to release Gerrit subprojects. Other ^^^^^ * Add link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/prolog-cookbook.html[Cookbook for Prolog submit rules] + A new document providing a step by step introduction into implementing specific submit policies using Prolog based submit rules was added. * Describe link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/refs-notes-review.html[ `refs/notes/review` and its contents] * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-mail.html[Document `RebasedPatchSet.vm` and `Reverted.vm` mail templates] * Specify output file for curl commands in documentation + For downloading the `commit-msg` hook and the `gerrit-cherry-pick` script users can either use scp or curl. Specify the output file for each curl command so that the result is equal to the matching scp command. * Document that user must be in repository root to install `commit-msg` hook * Add some clarifications to the link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/install-quick.html[quick installation guide] * Add missing documentation about link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#hooks[hook configuration] + Add documentation of hook config for `change-restored`, `ref-updated` and `cla-signed` hooks. * Document that the commit message hook file should be executable * Mention that also MySQL supports replication, not just Postgres * Make sorting of release notes consistent so that the release notes for the newest release is always on top * Various corrections + Correct typos, spelling mistakes, and grammatical errors. Dev ~~~ * Add link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/dev-release.html#plugin-api[script for releasing plugin API jars] * Pushes are now accepted at the same address as clone/fetch/pull + To submit patches commits can be pushed to https://gerrit.googlesource.com/gerrit * Add `-Pchrome`, `-Pwebkit`, `-Pfirefox` aliases for building + This makes it easier to build for the browser you want to test on, rather than remembering what its GWT name is. * Disable assertions for KeyCommandSet when running in gwtdebug mode + The assertions in the KeyCommandSet class cause exceptions when a KeyCommand is registered several times. * Add the run profiles to the favorites menu * Add Intellij IDEA files to ignore list * Move local Maven repository to Google Cloud Storage * Make sure asciidoc uses unix line endings in generated HTML. + Use an explicit asciidoc attribute to make sure the produced HTML will always contain unix line endings. This will help in producing build results that are better comparable by size. * Remove timestamp from all `org.eclipse.core.resources.prefs` files + Eclipse overwrites these files when we import projects using m2e. Eclipse 3 writes a timestamp at the top of these files making the Git working tree dirty. Eclipse 4 (Juno) still overwrites these files but doesn't write the timestamp. This should help to keep the working tree clean. However, since the timestamp is currently present in these files, Eclispe 4 would still make them dirty by overwriting and effectively removing the timestamp. + This change removes the timestamp from these files. This helps those using Eclipse 4 and doesn't make it worse for those still using Eclispe 3. * Add Maven profile to skip build of plugin modules + Building the plugin modules ('Plugin API' and 'Plugin Archetype') may take a significant amount of time (since many jars are downloaded). During development it is not needed to build the plugin modules. A new Maven profile was added that skips the build of the plugin modules, so that developers have a faster turnaround. This profile is called `no-plugins` and it's active by default. To include the plugin modules into the build activate the `all` profile: + ---- mvn clean package -P all ---- + The script to make release builds has been adapted to activate the `all` profile so that the plugin modules are always built for release builds. Mail ~~~~ * Add unified diff to newchange mail template + Add `$email.UnifiedDiff` as new macro to the `NewChange.vm` mail template. This macro is expanded to a unified diff of the patch. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#sendemail.includeDiff[ sendemail.includeDiff]: Enable `$email.UnifiedDiff` in `NewChange.vm` + Instead of making site administrators hack the email template, allow admins to enable the diff feature by setting a configuration variable in `gerrit.config`. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#sendemail.maximumDiffSize[ sendemail.maximumDiffSize]: Limit the size of diffs sent by email + If a unified diff included in an email will exceed the limit configured by the system administrator, only the affected file paths are listed in the email instead. This gives interested parties some context on the size and scope of the change, without killing their inbox. * Catch all exceptions when emailing change update * Allow unique from address generation + Allow the from email address to be a ParameterizedString that handles the `${userHash}` variable. The value of the variable is the md5 hash of the user name. This allows unique generation of email addresses, so GMAIL threads names of users in conversations correctly. For example, the from pattern for gerrit-review defined in the Gerrit configuration looks like this: + ---- [sendemail] from = ${user} ---- * Show new change URLs in the body of the new change email + Some email clients hide the signature section of an email automatically. If there are no reviewers listed on a new change, such as when a change is pushed over HTTP and a notification is automatically sent out to any subscribed watchers, the URL was hidden inside of the signature and not readily available. + Show the URL right away in the body. Miscellaneous ~~~~~~~~~~~~~ * Back in-memory caches with Guava, disk caches with H2 + Instead of using Ehcache for in-memory caches, use Guava. The Guava cache code has been more completely tested by Google in high load production environments, and it tends to have fewer bugs. It enables caches to be built at any time, rather than only at server startup. + By creating a Guava cache as soon as it is declared, rather than during the LifecycleListener.start() for the CachePool, we can promise any downstream consumer of the cache that the cache is ready to execute requests the moment it is supplied by Guice. This fixes a startup ordering problem in the GroupCache and the ProjectCache, where code wants to use one of these caches during startup to resolve a group or project by name. + Tracking the Guava backend caches with a DynamicMap makes it possible for plugins to define their own in-memory caches using CacheModule's cache() function to declare the cache. It allows the core server to make the cache available to administrators over SSH with the gerrit show-caches and gerrit `flush-caches` commands. + Persistent caches store in a private H2 database per cache, with a simple one-table schema that stores each entry in a table row as a pair of serialized objects (key and value). Database reads are gated by a BloomFilter, to reduce the number of calls made to H2 during cache misses. In theory less than 3% of cache misses will reach H2 and find nothing. Stores happen on a background thread quickly after the put is made to the cache, reducing the risk that a diff or web_session record is lost during an ungraceful shutdown. + Cache databases are capped around 128M worth of stored data by running a prune cycle each day at 1 AM local server time. Records are removed from the database by ordering on the last access time, where last accessed is the last time the record was moved from disk to memory. * Add OpenID SSO support. + Setting `OPENID_SSO` for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#auth.type[`auth.type`] in the `gerrit.config` will allow the admin to specify an SSO entry point URL so that users clicking on "Sign In" are sent directly to that URL. * Git over HTTP BasicAuth against Gerrit basic auth. + Allows the configuration of native Gerrit username/password authentication scheme used for Git over HTTP BasicAuth, as alternative of the default DigestAuth scheme against the random generated password on Gerrit DB. + Example setting for link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#auth.type[ `auth.type`] and link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#auth.gitBasicAuth[ `auth.gitBasicAuth`]: + ---- [auth] type = LDAP gitBasicAuth = true ---- + With this configuration Git over HTTP protocol will be authenticated using `HTTP-BasicAuth` and credentials checked on LDAP. * Abstract group systems into GroupBackend interface + Group backends are supposed to use unique prefixes to isolate the namespaces. E.g. the group backend for LDAP is using `ldap/` as prefix for the group names. + This means that to refer to an LDAP group in the WebUI the group name needs to be prefixed with the `ldap/` string. E.g. if there is a group in LDAP which is called "Developers", Gerrit will suggest this group when the user types `ldap/De`. + WARNING: External groups are not anymore allowed to be members of internal groups. [[migrate-ldap-groups]] * Migrate existing internal LDAP groups + Previously, LDAP groups were mirrored in the AccountGroup table and given an Id and UUID the same as internal groups. Update these groups to be backed by only a GroupReference, with a special "ldap:" UUID prefix. Migrate all existing references to the UUID in ownerGroupUUID and any `project.config`. + This made the LDAP group type obsolete and it was removed. * link:https://code.google.com/p/gerrit/issues/detail?id=548[issue 548]: Make commands to download patch sets link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#download.command[configurable] + For patch sets on the ChangeScreen different commands for downloading the patch sets are offered. For some installations not all commands are needed. Allow Gerrit administrators to configure which download commands should be offered. * Add more link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#theme[theme color options] + ** Add a theme option to change outdated background color ** Add odd/even row background color for tables such as list of open reviews. This makes them more visible without clicking on them. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/user-notify.html[Add `notify` section in `project.config`] + The notify section allows project owners to include emails to users directly from `project.config`. This removes the need to create fake user accounts to always BCC a group mailing list. * Include the contributor agreements in the `project.config` and migrate contributor agreements to `All-Projects` + Update the parsing of `project.config` to support the contributor agreements. + Add a new schema to move the ContributorAgreement, AccountAgreement, and AccountGroupAgreement information into the `All-Projects` `project.config`. * Add `sameGroupVisibility` to `All-Projects` `project.config` + The `sameGroupVisiblity` is needed to restrict the visibility of accounts when `accountVisibility` is `SAME_GROUP`. Namely, this is a way to make sure the `autoVerify` group in a `contributor-agreements` section is never suggested. * Add change topic in hook arguments + It was not possible for hook scripts to include topic-specific behavior because the topic name was not included in the arguments. * Add `--is-draft` argument on `patchset-created` hook + The `--is-draft` argument will be passed with either `true` if the patchset is a draft, or `false` otherwise. + This can be used by hooks that need to behave differently if the change is a draft. * Log sign in failures on info level + If for a user signing in into the Gerrit web UI fails, this can have many reasons, e.g. username is wrong, password is wrong, user is marked as inactive, user is locked in the user backend etc. In all cases the user just gets a generic error message 'Incorrect username or password.'. Gerrit administrators had trouble to find the exact reason for the sign in problem because the corresponding AccountException was not logged. * Do not log 'Object too large' as error with full stacktrace + If a user pushes an object which is larger than the configured `receive.maxObjectSizeLimit` parameter, the push is rejected with an 'Object too large' error. In addition an error log entry with the full stacktrace was written into the error log. + This is not really a server error, but just a user doing something that is not allowed, and thus it should not be logged as error. For a Gerrit administrator it might still be interesting how often the limit is hit. This is why it makes sense to still log this on info level. + For the user pushing a too large object we now do not print the 'fatal: Unpack error, check server log' message anymore, but only the 'Object too large' error message. * Add better explanations to rejection messages + Provide information to the user why a certain push was rejected. * Automatic schema upgrade on Gerrit startup + In case when Gerrit administrator(s) don't have a direct access to the file system where the review site is located it gets difficult to perform a schema upgrade (run the init program). For such cases it is convenient if Gerrit performs schema upgrade automatically on its startup. + Since this is a potentially dangerous operation, by default it will not be performed. The configuration parameter link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#site.upgradeSchemaOnStartup[ site.upgradeSchemaOnStartup] is used to switch on automatic schema upgrade. * Shorten column names that are longer than 30 characters + Some databases can't deal with column names that are longer than 30 characters. Examples are MaxDB and link:http://groups.google.com/group/repo-discuss/browse_thread/thread/ecb713d42c04ae8a/cc963525d8247a17?lnk=gst#cc963525d8247a17[Oracle]. + Gerrit had two column names in the `accounts` table that exceeded the 30 characters: `displayPatchSetsInReverseOrder`, `displayPersonNameInReviewCategory` + These 2 columns were renamed so that their names fit within the 30 character range. * Increase the maximum length for tracking ID's to 32 characters + So far tracking ID's had a maximum length of only 20 characters. * Set `GERRIT_SITE` in Gerrit hooks as environment variable + Allows development of hooks parameterized on Gerrit location. This can be useful to allow hooks to load the Gerrit configuration when needed (from `$GERRIT_SITE`) or even store their additional config files under `$GERRIT_SITE/etc` and retrieve them at startup. * Add an exponentially rolling garbage collection script + `git-exproll.sh` is a git garbage collection script aimed specifically at reducing excessive garbage collection and particularly large packfile churn for Gerrit installations. + Excessive garbage collection on "dormant" repos is wasteful of both CPU and disk IO. Large packfile churn can lead to heavy RAM and FS usage on Gerrit servers when the Gerrit process continues to hold open the old delete packfiles. This situation is most detrimental when jgit is configured with large caching parameters. Aside from these downsides, running git gc often can be very beneficial to performance on servers. This script attempts to implement a git gc policy which avoids the downsides mentioned above so that git gc can be comfortably run very regularly. + `git-exproll.sh` uses keep files to manage which files will get repacked. It also uses timestamps on the repos to detect dormant repos to avoid repacking them at all. The primary packfile objective is to keep around a series of packfiles with sizes spaced out exponentially from each other, and to roll smaller packfiles into larger ones once the smaller ones have grown. This strategy attempts to balance disk space usage with avoiding rewriting large packfiles most of the time. + The exponential packing objective above does not save a large amount of time or CPU, but it does prevent the packfile churn. Depending on repo usage, however the dormant repo detection and avoidance can result in a very large time savings. * Automatically flush persistent H2 cache if the existing cache entries are incompatible with the cache entry class and thus can't be deserialized * Unpack JARs for running servers in `$site_path/tmp` + Instead of unpacking a running server into `~/.gerritcodereview/tmp` only use that location for commands like init where there is no active site. From gerrit.sh always use `$site_path/tmp` for the JARs to isolate servers that run on the same host under the same UNIX user account. [[custom-extension]] * Allow for the `CUSTOM_EXTENSION` `auth.type` to configure URLs for editing the user name and obtaining an HTTP password + Allow `CUSTOM_EXTENSION` auth type to supply by `auth.editFullNameUrl` a URL in the web UI that links users to the other account system, where they can edit their name, and then use another reload URL to cycle through the `/login/` step and refresh the data cached by Gerrit. + Allow `CUSTOM_EXTENSION` auth type to supply by `auth.httpPasswordUrl` a URL in the web UI that allows users to obtain an HTTP password. + Like the rest of the `CUSTOM_EXTENSION` stuff, this is hack that will eventually go away when there is proper support for authentication plugins. Performance ~~~~~~~~~~~ [[performance-issue-on-showing-group-list]] * Fix performance issues on showing the list of groups in the Gerrit WebUI + Loading `Admin` > `Groups` on large servers was very slow. The entire group membership database was downloaded to the browser when showing just the list of groups. + Now the amount of data that needs to be downloaded to the browser is reduced by using the more lightweight `AccountGroup` type instead of the `GroupDetail` type when showing the groups in a list format. As a consequence the `Owners` column that showed the name of the owner group had been dropped. * Add LDAP-cache to minimize number of queries when unnesting groups + A new cache named "ldap_groups_byinclude" is introduced to help lessen the number of queries needed to resolve nested LDAP-groups. * Add index for accessing change messages by patch set + This improves the performance of loading the dashboards. * Add a fast path to avoid checking every commit on push + If a user can forge author, committer and gerrit server identity, and can upload merges, don't bother checking the commit history of what is being uploaded. This can save time on servers that are trying to accept a large project import using the push permission. * Improve performance of `ReceiveCommits` by reducing `RevWalk` load + JGit RevWalk does not perform well when a large number of objects are added to the start set by `markStart` or `markUninteresting`. Avoid putting existing `refs/changes/` or `refs/tags/` into the `RevWalk` and instead use only the `refs/heads` namespace and the name of the branch used in the `refs/for/` push line. + Catch existing changes by looking for their exact commit SHA-1, rather than complete ancestry. This should have roughly the same outcome for anyone pushing a new commit on top of an existing open change, but with lower computational cost at the server. * Lookup changes in parallel during `ReceiveCommits` + If the database has high query latency, the loop that locates existing changes on the destination branch given Change-Id can be slow. Start all of the queries as commits are discovered, but don't block on results until all queries were started. + If the database can build the `ResultSet` in the background, this may hide some of the query latency by allowing the queries to overlap when more than one lookup must be performed for a push. * Perform change update on multiple threads + When multiple changes need to be created or updated for a single push operation they are now inserted into the database by parallel threads, up to the maximum allowed thread count. The current thread is used when the thread pool is already fully in use, falling back to the prior behavior where each concurrent push operation can do its own concurrent database update. The thread pool exists to reduce latency so long as there are sufficient threads available. + This helps push times on databases that are high latency, such as database servers that are running on a different machine from the Gerrit server itself, e.g. gerrit.googlesource.com. + The new thread pool is link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#receive.changeUpdateThreads[ disabled by default], limiting the overhead to servers that have good latency with their database, such as using in-process H2 database, or a MySQL or PostgreSQL on the same host. * Use `BatchRefUpdate` to execute reference changes + Some storage backends for JGit are able to update multiple references in a single pass efficiently. Take advantage of this by pushing any normal reference updates (such as direct push or branch create) into a single `BatchRefUpdate` object. * Assume labels are correct in ListChanges + To reduce end-user latency when displaying changes in a search result or user dashboard, assume the labels are accurate in the database at display time and don't recompute the access privileges of a reviewer. * Notify the cache that the git_tags was modified + The tag cache was updated in-place, which prevented the H2 based storage from writing out the updated tag information. This meant servers almost never had the right data stored on disk and had to recompute it at startup. + Anytime the value is now modified in place, put it back into the cache so it can be saved for use on the next startup. * Special case hiding `refs/meta/config` from Git clients + VisibleRefFilter requires a lot of server CPU to accurately provide the correct listing to clients when they cannot read `refs/*`. + Since the default configuration is now to link:#hide-config[ hide `refs/meta/config`], use a special case in VisibleRefFilter that permits showing every reference except `refs/meta/config` if a user can read every other reference in the repository. * Avoid second remote call to lookup approvals when loading change results + By using the new link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/rest-api-changes.html[`/changes/`] REST endpoint the web UI client now obtains the label information during the query and avoids a second round trip to lookup the current approvals for each displayed change. For most users this should improve the way the page renders. The verified and code review columns will be populated before the table is made visible, preventing the layout from "jumping" the way the old UI did when the 2nd RPC finally finished and supplied the label data. * Load patch set approvals in parallel + ResultSet is a future-like interface, the database system is free to execute each result set asynchronously in the background if it supports that. gwtorm's default SQL backend always runs queries immediately and then returns a ListResultSet, so for most installs this has no real impact in ordering. + For the system that runs gerrit-review, each query has a high cost in network latency, the system treats ResultSet as a future promise to supply the matching rows. Getting all of the necessary ResultSets up front allows the database to send all requests to the backend as early as possible, allowing the network latency to overlap. Upgrades -------- * Update Gson to 2.1 * Update GWT to 2.4.0 * Update JGit to 2.0.0.201206130900-r.23-gb3dbf19 * Use gwtexpui 1.2.6 + ** Hide superfluous status text from clippy flash widget ** Fix disappearance of text in CopyableLabel when clicking on it * Update Guava to 12.0.1 + This fixes a performance problem with LoadingCache where the cache's inner table did not dynamically resize to handle a larger number of cached items, causing O(N) lookup performance for most objects. Bug Fixes --------- Security ~~~~~~~~ * Ensure that only administrators can change the global capabilities + Only Gerrit server administrators (members of the groups that have the `administrateServer` capability) should be able to edit the global capabilities because being able to edit the global capabilities means being able to assign the `administrateServer` capability. + Because of this on the `All-Projects` project it is disallowed to assign + . the `owner` access rights on `refs/*` + Project owners (members of groups to which the `owner` access right is assigned) are able to edit the access control list of the projects they own. Hence being owner of the `All-Projects` project would allow to edit the global capabilities and assign the `administrateServer` capability without being Gerrit administrator. + In earlier Gerrit versions (2.1.x) it was already implemented like this but the corresponding checks got lost. + . the 'push' access right on `refs/meta/config` + Being able to push configuration changes to the `All-Projects` project allows to edit the global capabilities and hence a user with this access right could assign the `administrateServer` capability without being Gerrit administrator. + From the Gerrit WebUI (ProjectAccessScreen) it is not possible anymore to assign on the `All-Projects` project the `owner` access right on `refs/*` and the `push` access right on `refs/meta/config`. + In addition it is ensured that an `owner` access right that is assigned for `refs/*` on the `All-Projects` project has no effect and that only Gerrit administrators with the `push` access right can push configuration changes to the `All-Projects` project. + It is still possible to assign both access rights (`owner` on `refs/*` and `push` on `refs/meta/config`) on the `All-Projects` project by directly editing its `project.config` file and pushing to `refs/meta/config`. To fix this it would be needed to reject assigning these access rights on the `All-Projects` project as invalid configuration, however doing this would mean to break existing configurations of the `All-Projects` project that assign these access rights. At the moment there is no migration framework in place that would allow to migrate `project.config` files. Hence this check is currently not done and these access rights in this case have simply no effect. Web ~~~ * Do not show "Session cookie not available" on sign in + When LDAP is used for authentication, clicking on the 'Sign In' link opens a user/password dialog. In this dialog the "Session cookie not available." message was always shown as warning. This warning was pretty useless since the user was about to sign in because he had no current session. + This problem was discussed on the link:https://groups.google.com/forum/#!topic/repo-discuss/j-t77m8-7I0/discussion[ Gerrit mailing list]. * Reject restoring a change if its destination branch does not exist anymore * Reject submitting a change if its destination branch does not exist anymore + If a branch got deleted and there was an open change for this branch, it was still possible to submit this open change. As result the destination branch was implicitly recreated, even if the user submitting the change had no privileges to create branches. * link:http://code.google.com/p/gerrit/issues/detail?id=1352[issue 1352]: Don't display "Download" link for `/COMMIT_MSG` + The commit message file is special, it doesn't actually exist and cannot be downloaded. Don't offer the download link in the side by side viewer. * Dependencies were lost in the ChangeScreen's "Needed By" table + Older patchsets are now iterated for descendants, so that the dependency chain does not break on new upstream patchsets. * link:http://code.google.com/p/gerrit/issues/detail?id=1442[issue 1442]: Only show draft change dependency if current user is owner or reviewer + In the change screen, the dependencies panel was showing draft changes in the "Depends On" and "Needed By" lists for all users, and when there was no user logged in. * link:http://code.google.com/p/gerrit/issues/detail?id=1558[issue 1558]: Create a draft patch set when a draft patch set is rebased + Rebasing a draft patch set created a non-draft patch set. It was unexpected that rebasing a draft patch set published the modifications done in the draft patch set. * link:http://code.google.com/p/gerrit/issues/detail?id=1176[issue 1176]: Fix disappearance of download command in Firefox + Clicking on the download command for a patch set in Firefox made the download command disappear. * link:http://code.google.com/p/gerrit/issues/detail?id=1587[issue 1587]: Fix disappearance of action buttons when selecting the last patch set as `Old Version History` * Fix updating patch list when `Old Version History` is changed + If a collapsed patch set panel was expanded and re-closed it's patch list wasn't updated anymore when the selection for `Old Version History` was changed. * link:http://code.google.com/p/gerrit/issues/detail?id=1523[issue 1523]: Update diff base to match old version history + When changing the diff base in the `Old Version History` on the change screen and then entering the Side-By-Side view for a file, clicking on the back button in the browser (reentering the change screen) was causing the files to be wrongly compared with `Base` again. * Don't NPE if current patch set is not available + Broken changes may have the current patch set field incorrectly specified, causing currentPatchSet to be unable to locate the correct data and return it. When this happens don't NPE, just claim the change is not reviewed. * link:https://code.google.com/p/gerrit/issues/detail?id=1555[issue 1555]: Fix displaying of file diff if draft patch has been deleted + Displaying any file diff for a patch set failed if the change had any gaps in its patch set history. Patch sets can be missing, if they have been drafts and were deleted. * link:https://code.google.com/p/gerrit/issues/detail?id=856[issue 856]: Fix displaying of comments on deleted files + Published and draft comments that are posted on deleted files were not loaded and displayed. * link:https://code.google.com/p/gerrit/issues/detail?id=735[issue 735]: Fix `ArrayIndexOutOfBoundsException` on navigation to next/previous patch + An `ArrayIndexOutOfBoundsException` could occur when navigating from one patch to the next/previous patch if the next/previous patch was a newly added binary file. The exception occurred if the user was not signed in or if the user was signed in and had `Syntax Coloring` in the preferences enabled. * link:https://code.google.com/p/gerrit/issues/detail?id=816[issue 816]: Fix wrong file indention in Side-by-Sie diff viewer on right side * Only set reviewed attribute on open changes + If a change is merged or abandoned, do not consider the reviewed property for the calling user, so that the change is not highlighted as unreviewed on the user's dashboard. * Change PatchTable pointer when loading patch + This patch fixes an issue with the "file list" table displayed by clicking on the "Files" sub-menu when viewing a diff. + Originally when navigating between patch screens the highlighted row (pointer) of the file list table would not change when not directly interacting with the table e.g. by clicking on the previous or next file link. + This patch updates the file list table whenever a new patch screen is loaded so that the pointer corresponds to the current patch being displayed. * Don't hyperlink non-internal groups + When an external group (such as LDAP) is used in a permission rule, don't attempt to link to the group in the internal account system UI. The group won't load successfully. Instead just display the name and put the UUID into a tooltip to show the full DN. * Fix: Popup jumps back to original position when resizing screen + On 'Watched Projects' screen, the 'Browse' button displays a popup window. If the user moves it and then resizes the screen, it won't snap back to the original position. * link:http://code.google.com/p/gerrit/issues/detail?id=1457[issue 1457]: Prevent groups from being renamed to empty string * Fixed AccountGroupInfoScreen search callback + If the search returned no results, the search button would not be enabled and the status panel was not shown. Fixed the panel and button to always be enabled. * Fix NullPointerException on `/p/` + Requesting just `/p/` caused a NullPointerException as the redirection logic had no project name to form a URL from. Detect requests for `/p/` and redirect to 'Admin' > 'Projects' to show the projects the caller has access to. Mail ~~~~ * Fix: Rebase did not mail all reviewers * Fix email showing in AccountLink instead of names + Prefer the full name for the display text of the link. * Fix signature delimiter for e-mail messages + Make sure the signature delimiter is "-- " (two dashes and a space). * link:http://code.google.com/p/gerrit/issues/detail?id=1397[issue 1397]: Don't wait for banner message from SMTP server after STARTTLS negotiation + According to RFC 2847 section 5.2, SMTP server won't send the banner message again after STARTTLS negotiation. The original code will hang until SMTP server kicks it off due to timeout and can't send email with STARTTLS enabled, aka. `sendemail.smtpEncryption = tls`. * Extract all mail templates during site init + The example mail templates `RebasedPatchSet.vm`, `Restored.vm` and `Reverted.vm` were not extracted during the initialization of a new site. SSH ~~~ * Fix reject message if bypassing code review is not allowed + If a user is not allowed to bypass code review, but tries to push a commit directly, Gerrit rejected this push with the error message "can not update the reference as a fast forward". This message was confusing to the user since the push only failed due to missing access rights. Go back to the old message that says "prohibited by Gerrit". * Fix reject message if pushing tag is rejected because tagger is somebody else + Pushing a tag that has somebody else as tagger requires the `Forge Committer` access right. If this access right was missing Gerrit was rejecting the push with "can not create new references". This error message was misleading because the user may have thought that the `Create Reference` access right was missing which was actually assigned. + The same reject message was also returned on push of an annotated tag if the `Push Annotated Tag` access right was missing. Also in this case the error message was not ideal. + Go back to the old more generic message which says `prohibited by Gerrit`. * link:http://code.google.com/p/gerrit/issues/detail?id=1437[issue 1437]: Send event to stream when draft change is published + When a change is uploaded as a draft, a `patchset-created` event is sent to the event stream, but since drafts are private to the owner, the event is not publicly visible. When the draft is later published, no publicly visible event was sent. As result of this external tools that rely on the event stream to detect new changes didn't receive events for any changes that were first uploaded as draft. + There is now a new event, `draft-published`, which is sent to the event stream when a draft change is published. The content of this event is the same as `patchset-created`. * Fix: Wrong ps/rev in `change-merged` stream-event + When using cherry-pick as merge strategy, the wrong ref was set in the `change-merged` stream-event. + The issue stems from Gerrit would not acknowledge the resulting new pachset (the actual cherry-pick). * Fix NullPointerException in `query` SSH command + Running the `query` SSH command with the options `--comments` and `--format=JSON` failed with a NullPointerException if a change had a message without author. Change messages have no author if they were created by Gerrit. For such messages now the Gerrit Server identity is returned as author. * Fix the `export-review-notes` command's Guice bindings + The `export-review-notes` command was broken because of the CachePool class being bound twice. The startup of the command failed because of that. * Fix sorting of SSH help text + Commands were displaying in random order, sort commands before output. * `replicate` command: Do not log errors for wrong user input + If the user provided an invalid combination of command options or an non existing project name this was logged in the `error.log` but printing the error out to the user is sufficient. Authentication ~~~~~~~~~~~~~~ * Fix NPE in LdapRealm caused by non-LDAP users + Servers that are connected to LDAP but have non-LDAP user accounts created by `gerrit create-account` (e.g. batch role accounts for build systems) were crashing with a NullPointerException when the LdapRealm tried to discover which LDAP groups the non-LDAP user was a member of in the directory. * Fix domain field of HTTP digest authentication + Per RFC 2617 the domain field is optional. If it is not present, the digest token is valid on any URL on the server. When set it must be a path prefix describing the URLs that the password would be valid against. + When a canonical URL is known, supply that as the only domain that is valid. When the URL is missing (e.g. because the provider is still broken) rely on the context path of the application instead. Replication ~~~~~~~~~~~ * Fix inconsistent behavior when replicating `refs/meta/config` + In `replication.config`, if `authGroup` is set to be used together with `mirror = true`, refs blocked through the `authGroup` are deleted from the slave/mirror. The same correctly applies if the `authGroup` is used to block `refs/meta/config`. + However, if `replicatePermission` was set to `false`, Gerrit was refusing to clean up `refs/meta/config` on the slave/mirror. * Fix bug with member assignment order in PushReplication. + The groupCache was being used before it was set in the class. Fix the ordering of the assignment. Approval Categories ~~~~~~~~~~~~~~~~~~~ * Make `NoBlock` and `NoOp` approval category functions work + The approval category functions `NoBlock` and `NoOp` have not worked since the integration of Prolog. + `MAY` was introduced as a new submit record status to complement `OK`, `REJECT`, `NEED`, and `IMPOSSIBLE`. This allows the expression of approval categories (labels) that are optional, i.e. could either be set or unset without ever influencing whether the change could be submitted. Previously there was no way to express this property in the submit record. + This enables the `NoBlock` and `NoOp` approval category functions to work as they now emit may() terms from the Prolog rules. Previously they returned ok() terms lacking a nested user term, leading to exceptions in code that expected a user context if the label was `OK`. * Fix category block status without negative score + Categories without blocking or approval scores will result in the blocking/approved image appearing in the category column after changes are merged should the score by the reviewer match the minimum or maximum value respectively. + A check to ignore "No Score" values of 0 was added. * Don't remove dashes from approval category name + If an approval category name contained a dash, it was removed by Gerrit. On the other side a space in an approval category name is converted to a dash. This was confusing for writing Prolog submit rules. If, for example, one defined a new category named `X-Y`, then in the Prolog code the proper name for that category would have been `XY` which was unintuitive. * Fix NPE in `PRED__load_commit_labels_1` + If a change query uses reviewer information and loads the approvals map, but there are no approvals for a given patch set available, the collection came out null, which cannot be iterated. Make it always be an empty list. Other ~~~~~ * link:http://code.google.com/p/gerrit/issues/detail?id=1554[issue 1554]: Fix cloning of new projects from slave servers + If a new project is created in Gerrit the replication creates the repository for this new project directly in the filesystem of the slave server. The slave server was not discovering this new repository and as result any attempt to clone the corresponding project from the slave server failed. * link:http://code.google.com/p/gerrit/issues/detail?id=1548[issue 1548]: Create a ref for the patch set that is created when a change is cherry-picked and trigger the replication for it: + If Cherry Pick is chosen as submit type, on submit a new commit is created by the cherry-pick. For this commit a new patch set is created which is added to the change. Using any of the download commands to fetch this new patch set failed with 'Couldn't find remote ref' because no ref for the new patch set was created. * link:http://code.google.com/p/gerrit/issues/detail?id=1626[issue 1626]: Fix NullPointerException on cherry-pick if `changeMerge.test` is enabled * link:http://code.google.com/p/gerrit/issues/detail?id=1491[issue 1491]: Fix nested submodule updates * Set link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#transfer.timeout[transfer timeout] for pushes through HTTP + The transfer timeout was only set when pushing via SSH. * link:http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/config-gerrit.html#receive.maxObjectSizeLimit[ Limit maximum Git object size] when pushing through HTTP + The limit for the maximum object size was only set when pushing via SSH. * Fix units of `httpd.maxwait` + The default unit here is minutes, but Jetty wants to get milliseconds from the maxWait field. Convert the minutes returned by getTimeUnit to be milliseconds, matching what Jetty expects. + This should resolve a large number of 503 errors for Git over HTTP. * link:http://code.google.com/p/gerrit/issues/detail?id=1493[issue 1493]: Fix wrong "change ... closed" message on direct push + Pushing a commit directly into the central repository with bypassing code review wrongly resulted in a "change ... closed" message if the commit was already pushed for review and if a Change-Id was included in the commit message. Despite of the error message the push succeeded and the corresponding change got closed. Now the message is not printed anymore. * Fix NPE that can hide guice CreationException on site init + Note that the `--show-stack-trace` option is needed to print the stack trace when a program stops with a Die exception. * Do not automatically add author/committer as reviewer to drafts * Do not automatically add reviewers from footer lines to drafts * Fix NullPointerException in MergeOp + The body of the commit object may have been discarded earlier to save memory, so ensure it exists before asking for the author. * link:http://code.google.com/p/gerrit/issues/detail?id=1396[issue 1396]: Initialize the submodule commit message buffer * Fix file name matching in `commit_delta` to perform substring matching + The `commit_delta` predicate was matching the entire file name against the given regular expression while other predicates (`commit_edits`, `commit_message_matches`) performed substring matching. It was inconsistent that for `commit_delta` it was needed to write something like: + ---- commit_delta('.*\.java') ---- + to match all `*.java` files, while for `commit_edits` it was: + ---- commit_edits('\.java$', '...') ---- + to match the same set of (Java) files. * Create index for submodule subscriptions on site upgrade * Fix URL to Jetty XML DTDs so they can be properly validated * Fix resource leak when `changeMerge.test` is `true` * Fix possible synchronization issue in TaskThunk * Fix possible NPEs in `ReplaceRequest.cmd` usage in `ReceiveCommits` + The `cmd` field is populated by `validate(boolean)`. If this method fails, results on some `ReplaceRequests` may not be set. Guard the attempt to access the field with a null check. * Match no labels if current patch set is not available + If the current patch set cannot be loaded from `ChangeData`, assume no label information. This works around an NullPointerException inside of `ChangeControl` where the `PatchSet` is otherwise required. * Create new patch set references before database records + Ensure the commit used by a new change or replacement patch set always exists in the Git repository by writing the reference first as part of the overall `BatchRefUpdate`, then inserting the database records if all of the references stored successfully. * Fix rebase patch set and revert change to update Git first + Update the Git reference before writing to the database. This way the repository cannot be corrupted if the server goes down between the two actions. * Make sure we use only one type of NoteMerger for review notes creation * Fix generation of owner group in GroupDetail + Set the GroupDetail.ownerGroup to the AccountGroup.ownerGroupUUID instead of the groupUUID. * Ensure that ObjectOutputStream in H2CacheImpl is closed * Ensure that RevWalk in SubmoduleOp is released