Download: 2.16.2 | 2.16.1 | 2.16

Documentation: 2.16.2 | 2.16.1 | 2.16

Release Highlights

  • GWT UI is deprecated, and PolyGerrit is now the default UI.

  • Experimental Dark Mode in PolyGerrit.

  • Inline editing support in PolyGerrit UI.

  • Redesigned UI for PolyGerrit based on material design.

  • New configuration option to ignore self-approval on labels.

  • New CommonMark/Markdown parser.

Important Notes

Known problem with schema upgrade

When a gerrit site older than 2.15 is migrated to 2.16, then schema migration should be first performed to the latest 2.15.x release.

To upgrade to the latest 2.15.x release:

  java -jar gerrit-2.15.latest.war init -d ${site_path}

Known problem with plugins and index

Since 2.14.2 the plugins are loaded before online reindexing is started, so that prolog rules provided by plugins can be invoked during indexing. See issue 6472 for details.

This causes a problem for any plugins that access the index either directly or indirectly (i.e. by accessing a cache), because the index is not yet available when the plugin is loaded during server startup. An example of this is in the replication plugin, which needs to use the group cache when authGroup is used in a destination configuration.

A fix issue 10082 is available since 2.16.3 release.

Migration to NoteDb

NoteDb is now required for accounts (since 2.15) and groups (since 2.16), and is the preferred storage for changes.

In Gerrit 2.15:

  • Account data (with the exception of Group data) was moved to NoteDB (release notes).
  • Change data could be either moved to NoteDB (migration process), or left in ReviewDB.

In Gerrit 2.16:

  • Group data is always moved to NoteDB (it is migrated automatically during the upgrade process, when you run gerrit.war init).

When upgrading to Gerrit v2.16, you are strongly advised to migrate fully (including changes) from ReviewDb to NoteDb.

You should review the documentation on NoteDb, including the information about the migration process:

Although ReviewDb is still technically available on Gerrit v2.16, the upgrade to NoteDb is strongly recommended, although not enforced.

Note that in the next version of Gerrit (v3.0), ReviewDb will not be available.

Schema Changes

This release contains schema changes. To upgrade:

  java -jar gerrit.war init -d ${site_path}

Reindex for new projects index and changed group index

Gerrit 2.16 introduces a new secondary index for projects. The initial version of this index must be created by running the offline reindex before starting Gerrit:

  java -jar gerrit.war reindex --index projects -d ${site_path}

The group index gained two new fields, which Gerrit 2.16 depends on. For this reason, the following command to offline reindex the group index must be executed as well:

  java -jar gerrit.war reindex --index groups -d ${site_path}

The offline reindex for groups should also be run on Gerrit slave hosts.

Note that if you are migrating from v2.15, it is not necessary to reindex the changes and accounts indexes offline. These will automatically be reindexed by the online reindexer after starting Gerrit.

Support for GWT UI is deprecated

From 2.16 GWT UI is deprecated and will be removed in a future version.

Support for Velocity templates removed

In version 2.14 support for Soy templates was added. For backwards compatibility, support for Velocity templates (VTL) was kept.

In version 2.16 support for VTL is completely removed. Site administrators must replace any Velocity templates (.vm files in $site/etc/mail/) with the equivalent Soy templates before upgrading to this version.

Push to refs/changes is deprecated

The possibility to push to refs/changes is now disabled by default. It is still possible to enable it in the gerrit config by setting receive.allowPushToRefsChanges to true.

Some proxies, which are not under client control, prohibit DELETE requests with bodies. DELETE requests with bodies could work on a first attempt, but could fail afterwards because a server they have no control over was updated. In this case, client users could be in trouble if they were not notified.

Therefore, we have decided to no longer recommend sending DELETE requests with bodies. They will continue to work in this release but should be considered as deprecated and will be removed in the next release.

Pegdown is replaced by Flexmark

flexmark-java is a Java implementation of CommonMark 0.28 spec parser using the blocks first, inlines after Markdown parsing architecture.

Its strengths are speed, flexibility, Markdown source element based AST with details of the source position down to individual characters of lexemes that make up the element and extensibility, compared to Pegdown speed that was, in general, less than ideal and for pathological input either hangs or practically hangs during parsing.

SYSTEM_CONFIG table is removed

This table was used to retrieve the site_path directory in unattended setup mode. As a replacement, system property gerrit.site_path should be used.

Git clients older than 2.x are not supported anymore

The Gerrit hook script for adding the Change-Id in every local commit has been simplified and is now using the git-interpret-trailers command. The interpret trailers command is available as of git v2.2.0, released Dec 2014.

Existing cloned repositories that have been cloned before the migration to v2.16 and thus having the old hook for generating the Change-Id will continue to work. However, new clones and hook scripts will need to upgrade your local git client to v2.2.0 or later.

If you have existing older git clients and cannot migrate to v2.2.0 or later, you need to keep serving the old script, copying it to the Gerrit /static directory, and then amend the Gerrit helper instructions to download it.

Example (assuming Gerrit installed on $GERRIT_SITE and available at https://gerrit.mycompany.com):

$ curl 'https://gerrit.googlesource.com/gerrit/+/stable-2.15/gerrit-server/src/main/resources/com/google/gerrit/server/tools/root/hooks/commit-msg?format=TEXT' > $GERRIT_SITE/static/commit-msg
$ git config -f $GERRIT_SITE/etc/gerrit.config gerrit.installCommitMsgHookCommand 'gitdir=$(git rev-parse --git-dir); curl -o ${gitdir}/hooks/commit-msg https://gerrit.mycompany.com/static/commit-msg ; chmod +x ${gitdir}/hooks/commit-msg'

New Features

‘Read As’ capability

The new ‘Read As’ capability allows users to impersonate any user to see which refs they can see.

Note: the capability was added in 2.16 but only documented since 2.16.1.

PolyGerrit enhancements

Inline edit

  • Issue 4437 inline edit is fully implemented using the CodeMirror Editor plugin.

    A new core plugin, codemirror-editor, is available, which uses CodeMirror to provide a rich code editing experience in PolyGerrit.

    When you upgrade Gerrit using init -d, you are given the option to install the codemirror-editor plugin.

Change screen improvements

  • Issue 8213 Follow-Up button is missing on change screen
  • Issue 8218 Open inline diff when clicked on file list row
  • Issue 8241 Change comment threads are interleaved
  • Issue 8260 Submitted together section shows which change is the one currently displayed
  • Issue 8528 Show vote chips in change messages
  • Issue 9111 Add expander icons to messages
  • Issue 9532 Provide CLI assistance for updating Gerrit changes in the change view
  • Issue 9707 Assigned to you section on dashboard
  • Issue 2390 Allow to mark review as read/unread by clicking on some icon and/or button
  • Issue 4528 Indicate what labels a reviewer can vote on
  • Issue 5178 File name as header when viewing a change inline.
  • Issue 5329 Support for the find-owners plugin
  • Issue 5433 Make SHAs selectable in the UI
  • Issue 5452 Make shift-j jump to index if no files remain with comments.
  • Issue 6198 Allow control whitespace diff in the UI
  • Issue 6781 Change/patchset actions have tooltips describing their behavior
  • Issue 6984 “Discard” button on review comments requests confirmation prompt
  • Issue 7698 New popup for “This change has been merged”
  • Issue 7773 Ask for configuration on the submit button

General improvements

  • Issue 8983 Lazy-load gr-avatar images
  • Issue 4915 Support “Show Change Sizes As Colored Bars” setting
  • Issue 7886 TShirt sizing for changes in the dashboard and change-view
  • Issue 7961 Display dividing line for metadata

New logging framework

For logging Gerrit is now using Flogger instead of SLF4J. The logging backend is still LOG4J.

The Flogger LOG4J backend is configured by a system property (flogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance) that must be set for logging to work. There is an init step that automatically sets this system property in the gerrit.config file and in addition Gerrit tries to set this system property automatically on startup if it isn’t set yet. However for some setups you may need to do additional actions to make sure that this system property is set.

In addition there is a system property that needs to be set for request tracing (flogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance). Also this system property is automatically set in the gerrit.config file by an init step and in addition Gerrit tries to set this system property automatically on startup if it isn’t set yet. However for some setups you may need to do additional actions to make sure that this system property is set.

SLF4J can still be used by plugins, but using SLF4J in plugins is deprecated and with the next Gerrit release SLF4J will no longer be exported as part of the Gerrit plugin API jar. This means from the next release onwards, plugins must either migrate to Flogger or have an own dependency on SLF4J.

REST API

There are several new REST endpoints and additions to existing endpoints, as described in the REST API documentation.

See below an overview of the noteworthy changes.

Access Rights Endpoints

  • ProjectAccessInfo has a new field configWebLinks containing a list of URLs that display the history of the configuration file governing this project’s access rights.

Accounts Endpoints

Changes Endpoints

  • New endpoints to lists, get and delete the messages /messages of a change including the detailed account information associated.

  • New endpoint /cherrypick to cherry-pick a specific commit.

Config Endpoints

Groups Endpoints

  • New option ?ownedBy to find groups that are owned by another group

Project Endpoints

Commit Endpoints

  • New endpoint /files to list files associated with a commit.

Request Tracing

If a request is traced the unique trace ID is attached to all logs that are triggered by the request. In addition all logs are enforced regardless of the configured log level. Given the trace ID an administrator can find the trace in the error log and debug issues more easily.

Detailed information about request tracing can be found in the request tracing documentation.

New configuration option to ignore self approval on labels

A new option for Review Labels, label.Label-Name.ignoreSelfApproval, is available.

If true, the label may be voted on by the uploader of the latest patch set, but their approval does not make a change submittable. Instead, a non-uploader who has the right to vote has to approve the change.

It defaults to false, but one possible use case is to set the value to true for the Code-Review label in the All-Projects project. That value will then be inherited by all projects that do not override the Code-Review label settings.

Dependency Updates

  • Update args4j to 2.33

  • Update Brics Automaton to 1.12-1

  • Update BouncyCastle to 1.60

  • Update commons-compress to 1.15

  • Update commons-lang3 and commons-net to 3.6

  • Update Dropwizard metrics-core to 3.2.5

  • Update Elasticsearch to 6.4.3 (Updated to 6.5.4 in 2.16.3)

  • Add dependency to flexmark-java 0.34.18

    Flexmark is a CommonMark/Markdown parser for java.

  • Add dependency to flogger 0.3.1

    Flogger is a fluent logging API for Java and Gerrit is using Flogger instead of SLF4J now.

  • Update greenmail to 1.5.5

  • Update gson to 2.8.5

  • Update guice-* to 4.2.1

  • Update JGit to 5.1.3.201810200350-r (Updated to 5.1.5.201812261915-r in 2.16.3)

  • Update Lucene to 6.6.5

  • Update mime4j to 0.8.1

  • Update OpenID4Java to 1.0.0

  • Update Ow2.asm to 6.2.1

  • Update javax.mail to 1.6.0

  • Update Jetty to 9.4.12.v20180830

  • Update protobuf-java to 3.4.0

  • Update soy to 2018-03-14

  • Update SSHD to 2.0.0 and Mina to 2.0.17

  • Update tomcat-servlet-api to 8.5.23

  • Update tukaani-xz to 1.6

  • Remove dependency on Velocity

  • Remove dependency on joda-time and joda-convert

    NOTE: joda-* dependencies are no longer exported in the Gerrit plugin API. Existing plugins that still rely on them need to be amended to include the explicit dependency on joda-* libraries.

Plugin API changes

Bugfix Releases

2.16.3

  • Issue 10262: Upgrade JGit to 5.1.5.201812261915-r to fix validation of wants in git-upload-pack for protocol v0 stateless transports.

    AdvertiseRefsHook was not called for git-upload-pack in protocol v0 stateless transports, meaning that wants were not validated and a user could fetch anything that is pointed to by any ref (using fetch-by-sha1), as long as they could guess the object name.

  • Issue 10242: Fix regression that allows a user’s account to be taken over when multiple authentication providers are in use.

    A regression introduced in 2.14.7 allowed a user’s account to be taken over by creating an account on a different provider with exactly the same username as the existing Gerrit account.

  • Issue 10082: Decouple online reindex activation from index module.

    Plugins were not loaded before online indexing was triggered, resulting in plugin-contributed submit rules not being evaluated during indexing.

    Online reindex activation is now decoupled from the index module and thus postpones the triggering of online reindexing until after loading of the plugins.

  • Evict group caches on group creation.

    If a group was created after a previous cache miss for its name, Id, or UUID, the cache also did not return the group if it is called immediately after the group was created.

  • Issue 10240: Fix internal server error when cloning a repository from Gerrit slave.

  • Improve error handling if comment note is too large during schema migration.

    During migration to schema 169, comments in NoteDb are migrated to json. If loading the blob for a comment note failed due to being too large (in excess of a hard-coded 25MB limit), the migration would fail.

    The hard-coded limit is now removed. It is still possible that the migration can fail if the blob is excessively large, but the logging of such a failure is improved so that the change that failed can be tracked down.

  • Issue 4278: Fix wrong code snippet in email notifications.

  • Upgrade jackson-core to 2.9.8.

    Version 2.9.8 includes several bug fixes, including security fixes.

  • Upgrade elasticsearch-rest-client to 6.5.4.

  • Issue 10263: Include edit ref in EditInfo element returned by the edit API.

    It was not possible for users of the Java API to get the edit ref.

  • Export the project indexer in the plugin API.

  • Issue 10260: Replication plugin: Fix auto-replay of stored events during config reload.

  • Add a new method on the account API to set the account name.

  • Add new methods on the project API to get/set the project’s HEAD.

  • Add a new method on the commit API to get “included in” information.

PolyGerrit

  • Issue 9410: Add the GWT hash separator to the GWT url.

  • Merge top menu items contributed by plugins.

    Each plugin contributes a list single of menus, which are expected to be merged in existing top menu entries if they already exist. This was implemented in the GWT UI, but not in PolyGerrit.

  • Issue 10267: Add support for several more MIME types in syntax highlighting.

    Support is added for: powershell, xquery, cmake, coffeescript, crystal, diff, django, dockerfile, ebnf, elm, erlang, fortran, groovy, haml, haxe, ini, julia, latex, less, mathematica, nginx, nsis, postgresql, q, scss, scheme, excel, tcl, twig, vb, vbscript.

  • Issue 10137: Fix alignment of the “By User” column on the group audit screen.

2.16.2

  • SECURITY Issue 10201: Remove support for Git protocol v2, because of a security vulnerability discovered

    The JGit implementation of protocol V2 does not invoke the advertiseRefsHook on fetch and ls-refs, which results in all refs being sent, regardless of the configured ACLs.

  • Issue 9024: Fix setting PRIVATE and WIP for updated changes in console report.

    In some cases the private and work-in-progress status indicator for changes updated by push was shown incorrectly.

  • Fix case-insensitive searching of hashtags.

  • Issue 10106: Fix incorrect json in the example for the ‘Set Access’ REST endpoint.

  • Issue 10112: Upgrade rules_closure to make Gerrit buildable with the latest Bazel version.

  • Issue 9781: Fix full ACL evaluation for LDAP groups.

    The LDAP groups have been historically filtered by relevance to the Gerrit ACLs. However, that optimization has the side effect of blocking users to access legitimate projects if they are temporarily not cached in memory. Allow to disable the LDAP filtering optimization for having always a 100% consistent ACL evaluation, regardless of the project’s cache status.

  • Upgrade elasticsearch-rest-client to 6.5.3.

  • Discontinue support for Elasticsearch 2.4.

  • Add preliminary support for Elasticsearch 7.

    Support for Elasticsearch 7 is added, and tested against the alpha1 release.

  • Add a new method on the account API to set the account name.

2.16.1

  • Issue 10018: Fix failure to upgrade schema when migrating from 2.13.

  • Issue 10038: Add support for Elasticsearch 6.5.1.

  • Issue 10052: Fix invalid requests to Elasticsearch.

  • Issue 10021: Security - Disallow create project to execute arbitrary code on the client by quoting and encoding project names.

  • Issue 10106: Documentaiton - REST API for updating project rights amended with correct payload.

  • Issue 10143: Fix internal server error when running the kill command.

  • Issue 9768: Explicitly set the number of shards and replicas for Elasticsearch, and allow them to be configured.

    From Elasticsearch version 7 the default number of shards per node will be changed from 5 to 1.

    The number of shards and number of replicas are now explicitly set when creating the index.

    The new settings elasticsearch.numberOfShards and elasticsearch.numberOfReplicas allow the values to be configured. The default values are 5 and 1, respectively, which is the same as the default values used by Elasticsearch prior to version 7.

  • Discontinue support for Elasticsearch 2.4.

  • Add preliminary support for Elasticsearch 7.

    Support for Elasticsearch 7 is added, and tested against the alpha1 release.

  • Fix internal server error when listing reviewers of a change with reviewers by email.

    Reviewers by email don’t have an account ID but formatting reviewers as JSON tried to get account IDs of all reviewers. This failed when the change had any reviewers by email.

  • Do not create index on account_group_members table in postgres database.

    The account_group_members table was deleted, but the postgres setup still tried to create an index on it, which prevented a new site from starting up.

  • Don’t serve Polygerrit UI when running in headless mode.

  • Don’t serve static resources when running in slave mode.

  • Fix assignee’s status on the change screen.

    The assignee field’s status showed the change owner’s status text.

  • Add missing documentation of the ‘Read As’ capability.

Breaking changes

  • Change-Id: I3752456 Use dynamic binding for UrlFormatter.

    The UrlFormatter interface had a fixed binding to its default implementation, which meant it was not possible for plugins to provide a different implementation but were merely injecting it when needed

    It is now possible to replace the default implementation using a DynamicItem which requires a change in how it is injected and used in plugins.