Download: 3.11.7 | 3.11.6 (withdrawn) | 3.11.5 | 3.11.4 | 3.11.3 | 3.11.2 | 3.11.1 | 3.11.0

Documentation: 3.11.7 | 3.11.6 (withdrawn) | 3.11.5 | 3.11.4 | 3.11.3 | 3.11.2 | 3.11.1 | 3.11.0

Release highlights

Java 21

The language level used for Gerrit source code stays on Java 17, however, Gerrit is built and distributed for Java 21, which is the recommended JVM version for running it in production.

Enforce project configuration changes for code review

It is now possible to enforce project configuration changes for code review, ensuring modifications are reviewed and approved before integration (by setting gerrit.requireChangeForConfigUpdate=true).

This feature, together with a dedicated set of endpoints such as /projects/myproject/access:review, /projects/myproject/labels:review, /projects/myproject/submit_requirements:review and /projects/myproject/config:review, allows to prevent that any project configuration changes is submitted without code review.

New maintenance APIs

Some maintenance operations can be configured in gerrit.config to be executed at a specific time. However, this might not always be wanted or could even lead to issues in setups where multiple Gerrit instances with the same configuration try to perform the operation concurrently.

To work around this problem, for some specific operations, one can now explicitly call dedicated REST API on demand, specifically: Clean up of stale changes and Clean up of stale accounts.

New metrics

The new receivecommits/reject_count set of metrics to count the number of rejected pushes has been added. This is useful to monitor push errors over time and the reason of their failure.

Additionally one can explicitly set performance.metrics to record latency and counts of specific operations.

Please bear in mind that the above metrics can quickly build up in number, eventually increasing the latency and the size of collecting metrics payloads via to monitoring such as prometheus.

New Submit requirements

Submit requirements now support WANT_LGTM=all functionality, enabling changes to be submittable only when all human reviewers have approved. The new syntax label:Code-Review>=1,users=human_reviewers can be used in submit requirement expressions to match changes approved by all reviewers.

Additionally, WANT_LGTM=all can be configured to apply automatically to all changes or selectively enabled for changes containing a specific footer (e.g., Want-Code-Review: all), allowing users to require unanimous approval on demand.

Important Notes

Schema and index changes

No changes to either the schema or indexes versions.

Online index schema upgrade from 3.10

If you’re upgrading from 3.10, the Lucene index does not need any rebuild. If you’re upgrading from 3.9, the Lucene index is automatically rebuilt upon Gerrit startup after the upgrade.

However, if you’re upgrading from 3.8 or an earlier version, you must use the Offline upgrade steps below, because of the Lucene upgrade mentioned in the 3.8 release notes.

Offline upgrade

  • Download the new gerrit.war
  • Stop Gerrit
  • Backup the existing indexes in case a rollback is required
  • Ensure all installed plugins are compatible with the new API
  • Run init java -jar gerrit.war init -d site_path --batch

  • If you are upgrading from a 3.9/3.10 versions you don’t need to run reindex (see Online index schema upgrade from 3.10 above).

    If you are upgrading from a 3.8 or an earlier version, you must run a reindex of all indexes:

    java -jar gerrit.war reindex -d site_path

    See the reindex command for other options.

Online upgrade with zero-downtime

Gerrit v3.11.x supports zero-downtime upgrade from Gerrit v3.10 when configured using either high-availability or multi-site setup.

During the zero-downtime upgrade, Gerrit end-users will not experience any outage or service disruption and will be able to perform any read/write Gerrit operation seamlessly.

The zero-downtime upgrade process for high-availability or multi-site setups consists of the following steps (demo):

  1. Have Gerrit servers running v3.9 or v3.10 in high-availability or multi-site configuration, healthy and able to handle the incoming traffic properly.
  2. Set one of the Gerrit servers to unhealthy.
  3. Shutdown the Gerrit server, update gerrit.war and plugins to v3.11.x and start Gerrit again.
  4. Verify that the Gerrit server is working properly (e.g. run automated smoke tests) and then make it healthy again.
  5. Ensure the Gerrit server is fully caught up with the events that happened while it was down before directing traffic to it.
  6. Repeat steps 2 to 5 for each of the remaining Gerrit servers.

Downgrade

Downgrade to Gerrit v3.9 or v3.10 release is possible, but requires the following manual steps:

  1. Shutdown all migrated Gerrit servers
  2. Update the gerrit.war and plugins to the previous v3.9 or v3.10 version
  3. Init Gerrit
    java -jar gerrit.war init -d site_path --batch
  1. Startup Gerrit server

Native packaging

  • Almalinux distribution updated 9.4.
  • Ubuntu distribution updated to v24.04.

Security Fixes

  • Change 435557: Add Option to set HttpOnly flag for cookies.

    This option helps to prevent possible XSS-attacks.

  • Change 435998: Change default of auth.cookieHttpOnly to true.

    This makes the auth.cookieHttpOnly cookie more secure by default as there should usually be no need to allow client side javascript to access it.

  • Change 435960: Don’t allow discovery of non-visible groups.

    A user could have used the ls-members command to distinguish between a non-existent group and an existent but not visible group. This fixes that.

Known issues

  • Issue 309098227 Change 360646: The introduction of a per-request ref cache for better performance may break the repository consistency

    The addition of a new core.usePerRequestRefCache setting, true by default, introduced a per request (currently per request thread) ref cache, helping reduce the overhead of checking if the packed-refs file was outdated. However, in some scenarios, such as multi-site or concurrency between git-receive-pack and git-gc, it may lead to split-brain inconsistencies and, in the worst-case scenario, to the corruption of the underlying repository.

  • Issue 380898784: The new changes_by_project cache will make the git-upload-pack fail intermittently on projects containing one or more inconsistent changes.

    The introduction of the changes_by_project cache is incompatible with projects having one or more inconsistent changes, like changes with /meta refs coming from unexpected Gerrit serverId. The cache makes the git-upload-pack fail intermittently with internal server errors when it fails to load the change meta-data depending on the status of the cache. As a workaround, disable the changes_by_project cache as follows in gerrit.config:

    [cache "changes_by_project"]
      memoryLimit = 0

Breaking Changes

  • Change 434037: Disallowed tracing configs that trigger tracing for too many requests

    When using a tracing.<trace-id> subsection in gerrit.config one must now specify at least one of requestUriPattern, account and projectPattern, or otherwise it is ignored.

  • Change 429818, Change 429819 and Change 429820: Removed etags for change, revision and ListFiles resources.

    Any REST clients built expecting that ETags exist and that rely on them for workflows, may require modifications.

  • Change 442068: Do not notify listeners when performing online reindexing

Breaking Changes - Replication plugin

  • Change 430660 Prevent replication plugin start with invalid remotes:

    Allow the Gerrit admin to detect early a configuration issue with the remotes. Upon invalid remotes configuration the plugin will not start and an error will be thrown: Unable to start replication plugin because remote.

  • Issue 320715545 Use SecureStore for reading username/password credentials

    Use SecureStore for reading username/password credentials. Existing installations may have used a mix of encrypted and clear text credentials in secure.config, leveraging the replication plugin bug that was not accessing it using the correct API. Introduce a legacy feature flag gerrit.useLegacyCredentials that allow the Gerrit admin to still use the legacy mode.

New Features

  • Change 409734: New REST API endpoint for deactivating stale accounts.

    You can now POST /config/server/deactivate.stale.accounts to trigger account deactivation outside the time window scheduled in gerrit.config.

  • Change 421120: A Blocked Users group that allows admin to block spammers is created automatically during the site initialisation.

    This change makes it easier to block spamming users by automatically creating the Blocked Users group with the BLOCK read permissions on refs/*. All admins need to do to block users is adding them to the group.

  • Issue 317351858: Submitting changes with unresolved comments is blocked for new sites by default

  • Change 420300: Added REST API to clean old changes.

    You can now POST /config/server/cleanup.changes to abandon changes older than some given time outside the time window scheduled in gerrit.config.

  • Change 247812 and Change 248034: Added support for plugins to block WorkQueue tasks without depriving other tasks of a thread.

    Introduces a TaskParker interface allowing selective task parking to control resource usage by deprioritizing certain tasks without blocking other tasks from using resources.

    Tasks blocked from running by TaskParker implementations show their state as parked.

  • Change 425478: Support multiple parents in the Get Patch API.

    Now the “Get Patch” API can handle a new parent flag to select which parent to use to generate the patch.

  • Change 426018: Added highlight support for the epp language.

  • Change 425804: Added REST API endpoint for creating project config change.

    Similar to the access:review endpoint, this allows creating a change for project configuration updates via REST API by PUT /projects/myproject/config:review.

  • Change 425805: Added REST API endpoint for creating a change for labels update.

    Allows CRUD operations on multiple label definitions in this project at once by POST /projects/myproject/labels:review.

  • Change 425806: Added REST API endpoints for batch updating submit requirements.

    Introduced two new endpoints for updating submit requirements. One for updating without a review: POST /projects/myproject/submit_requirements/ Another for creating a change for the update: POST /projects/myproject/submit_requirements:review.

  • Change 425525: Added API option to apply patches that conflict.

    POST /changes/{change-id}/patch:apply now takes a payload that allows an optional allow_conflicts field, to tolerate conflicts and add conflict markers where required.

  • Change 425807: Added a new config for protecting project config from unreviewed updates.

    When gerrit.requireChangeForConfigUpdate is set to true, all attempts to update a project config directly using any REST API are rejected. Instead, users should always use APIs which create a config change (for review).

  • Change 425808: Save for review button was added into the project config page.

    When gerrit.requireChangeForConfigUpdate is set to true a new Save for review is added to the project config page.

  • Change 429017: Introduce @DynamicItem.Final for allowing immutable dynamic bindings of interfaces to implementations in other plugins.

  • Change 429823: Add TRIVIAL_REBASE_WITH_MESSAGE_UPDATE ChangeKind to allow automatic vote copy in this case.

    Introduce a new ChangeKind type representing a conflict-free merge between the new parent and the prior patch set but having a commit message update.

  • Change 439642: Report number of documents in the indexes REST API.

    This can be useful to observe index size, especially while a new index version is being created.

  • Change 438704: LockManager as an extension point.

    Provides a mechanism for global locks in distributed setups. This allows implementing global locking beyond project creation, such as ensuring only one Gerrit server runs certain tasks at a time (e.g. aut-abandoning, git-gc, account-deactivation and so forth).

  • Change 439124: Allow applying fixes to different patchsets.

    The Apply Provided Fix API now supports applying fixes to older patchsets, enabling users to apply fixes not just to the current patchset.

  • Change 438424: Add support for Vue code highlighting.

  • Change 437343: Added screen to browse the server info.

    Users can find important properties of the server listed in a new server info page.

  • Change 436218: Added extension point that allows plugins to provide server metadata.

  • Change 436318: Allow admins to get the account state of other users via REST API.

  • Issue 435999: Add method resolveExactIgnoreVisibility for AccountResolver.

    This method can be used by plugins to be able to Ignore Visibility when doing exact resolving of an account.

  • Change 435937: Added extension point that allows plugins to provide account state metadata.

    Provide an extension point that enables plugins to supply additional data for account states which are returned from the Get Account State REST endpoint.

  • Change 435819: Added REST endpoint to retrieve the account state with a single request.

    The new GET /accounts/link:#account-id/self/state can now be used Retrieves the superset of all information related to an account, including its permissions.

  • Change 435559: For users that have the ‘View Access’ global capability return ACL info when request is rejected due to a permission issue.

  • Change 435017: Plugin provided change-metadata-items can be placed above submit-requirements.

    With this change, plugins can choose to place items above the submit requirements.

  • Change 433022: Added support for configurable performance metrics.

    A new performance.metric configuration section can be used in gerrit.config to specify operations for latency and count recording in performance metrics. This is useful to identify slow operations and assess the impact of optimizations.

  • Change 431638: Added metric to count rejected pushes.

    The new receivecommits/reject_count set of metrics count the number of rejected pushes. They are suffixed with the push kind (either direct, for direct pushes, or magic, for pushes to magic refs) and with the reason of the rejection (e.g. branch_not_found, no_new_changes, and so forth), for example: receivecommits_reject_count_magic_branch_for_main_not_found, receivecommits_reject_count_direct_prohibited_by_Gerrit:_not_permitted:_create.

  • Issue 321784728: Add support for using subsections in passwd.

    Fixes a bug whereby the java -jar bin/gerrit.war passwd program couldn’t be used to set a subsection config, such as remote.instance.username.

  • Change 442063: Support enabling WANT_LGTM=all via submit requirements

  • Change 442084: Allow to run periodic group reindexing also on Gerrit primary server.

  • Change 442065: New configuration style for period indexers

    Deprecate index.scheduledIndexer configuration in favor of scheduledIndexer.groups to support explicit indexing groups and future reindexing configurations for other indexes. Both configuration styles are supported, but the former is deprecated.

  • Change 442105: Allow to schedule periodic project reindexing

    This may be useful in high-availability scenarios where each primary maintains its own index. For example, if messages between the primaries are not delivered due to prolonged downtime of one of the primaries the projects index will become consistent again on the next run of the periodic project indexer. This is currently supported only for projects and groups indexes.

  • Change 444041: Enable highlighting for nix

Performance improvements

  • Change 422522: Avoid double loading of change notes when retrieving change without specifying a meta rev ID.

  • Change 426537: Improve performance of changes queries when using the custom permission backends.

    The virtual host module, or other permissions backends, can potentially restrict the visibility of users to a limited set of projects or changes.

  • Issue 365254275: Don’t sync bulk actions details for anonymous user.

    This change effectively reduces potential system load and improves overall performance by preventing anonymous users calls from loading unnecessary data.

Bug fixes

  • Change 422518: Record duration of performance events in nanos (instead of in millis).

    Performance events shorter than 1ms were being recorded with a duration of 0ms, causing them to be invisible on performance charts and making it unclear whether they were executed or just too fast to be displayed.

  • Change 422039: Fix Cloud Spanner error codes for AccountPatchReviewStore.

  • Change 429801: Fix evaluation of extra query provided by a permission backend.

  • Change 430917: Allow Gerrit to open more than 10240 file descriptors on MacOS.

  • Change 438861: Fixed ls-projects to skip corrupted repositories.

    The ls-projects command now logs an error and continues processing other projects if a MissingObjectException occurs due to a corrupted Git repository, rather than stopping execution entirely.

  • Change 437821: Fixed GET /auth-check.svg error.

  • Change 436057: Fixed exception in GetMessage REST endpoint when the change contained multiple footers with the same key.

    Only the last footer for any footer key is now returned.

  • Change 435938: AccountResolver:resolveExact can now resolve accounts for usernames.

    AccountResolver:resolveExact now supports resolving accounts by exact username matches, avoiding unintended results from fuzzy matching.

  • Change 434177: Disallowed ref creation when passed object is neither Commit nor a Tag.

    Restrict ref creation to only Commit or Tag objects, preventing unintended ref creation for unsupported object types.

  • Change 441202: Fixed change email threading in Microsoft clients.

  • Change 442621: Respect project config and user preference for creating changes as work-in-progress by default for the Revert REST endpoint.

Frontend changes

  • Change 425037: gr-watched-projects-editor: improve unsaved changes detection.

  • Change 425038: gr-email-editor: improve unsaved changes detection.

  • Change 425857: Made navbar mobile responsive in gr-main-header.

  • Change 430619: TypeScript API: fix PluginApi exposed type from HTMLElement to PluginElement.

  • Change 437561: Added new formatted-text-endpoint plugin endpoint.

  • Change 442601: gr-create-change-dialog: Give more width to messageInput (Description)

Other Changes

  • Change 418578: Make Service Users group that is created on init visible to all users.

  • Change 420064: Disallow removing votes from merged changes by removing reviewers.

  • Change 420065: Disallowed removing votes from merged changes.

  • Change 421177: Do not grant Revert permission to Registered Users by default.

    Note, Registered Users can still revert changes via git push, just not via the web UI.

  • Change 421141: Do not grant direct push permission by default.

  • Change 427077: Support refs/heads/... as rebase base.

  • Change 427778: Fixed updating an existing edit via push.

    Resolved an issue where attempting to update an existing edit via push was rejected due to non-fast-forward updates being disallowed.

  • Issue 341288175: Ignore global ACLs query limit for internal user.

  • Change 431080: Include replication-api.jar in release.war.

    Ensures all core plugins, including API jars, are packaged in the release.war, enabling cross-plugin communication via core plugin APIs.

  • Change 441562: Allow passing build arguments to generated API scripts.

  • Change 442062: Added sample ref-updated hook to repack repositories geometrically.

  • Change 442104: Update attention set behaviour when commenting on a thread.

    Refine how participants are notified when a comment is added, ensuring that the right people are re-engaged based on their review status and the thread’s resolution state.

Documentation changes

  • Change 439141: Fix Label documentation mentioning function = MaxWithBlock.

    Instead describe how to define a corresponding submit requirement.

  • Change 439361: Document --reuse option of the offline reindex command.

Plugin changes

  • codemirror-editor updated to e5e9ece112242397f000660c6cee8f5053ca5da5

     git log --no-merges --abbrev-commit --oneline 06719abee6c38d17008599f074050db5153bffa3..e5e9ece112242397f000660c6cee8f5053ca5da5

    Notable changes are:

    • e5e9ece Added missing Vue dependency
    • bf8ac0b Added Vue language support
    • cddb6d8 Show Line Length Indicator at 72 Characters for Commit Messages

  • hooks updated to 4f43f5db6b8aa7f36381f4f9a4c9ec1fc335d949:

     git log --no-merges --abbrev-commit --format=oneline f975f914312b258f84957d19f96014c3edd12644..4f43f5db6b8aa7f36381f4f9a4c9ec1fc335d949

    Notable changes are:

    • 4f43f5d Print hook stdout/stderr in case of a non-zero exit code:

      Hook output is now printed when a non-zero exit code occurs, providing error details without requiring DEBUG logging level.

    • 41c3ad1 Resolve relative hooks.path against $site_path, not cwd of the process

      Relative paths for hooks.path are now resolved against $site_path instead of the process’s working directory, ensuring consistent path resolution.

  • plugin-manager updated to 86f7ec61a9785df246f653a1336520b9607399b1:

     git log --no-merges --abbrev-commit --format=oneline cdd2d2d69666a70a16ac02bacf8e7fbbf4ca9979..86f7ec61a9785df246f653a1336520b9607399b1

    Notable changes are:

    • 86f7ec6 Add replication-api to the list of core plugins
    • 53d615a Avoid work in Optional.orElse() calls
    • c67b626 zuul: Fix test dependency on release.war

  • replication updated to 0af31d2a5df62329162a750beec2e9dc0adf8e72:

     git log --no-merges --abbrev-commit --format=oneline 445cd037108a9ad478c187aeb31cb14a8e889a0f..0af31d2a5df62329162a750beec2e9dc0adf8e72

    Notable changes are:

    • 0af31d2 Fix PushOne toString() to show the right refs and hidden number

    • 660fcd4 Destination: use striped lock to reduce lock contention.

      Optimized replication throughput by implementing striped locks in the Destination to reduce lock contention across repositories.

    • 3982574 Fix FanoutConfigurationResource update API:

      This fixes issue 351843807 where Gerrit changes were no longer syncing to Github.

    • eac5d4e Delay the fetching of credentials until push time:

      Improved replication reliability by delaying credential fetching until push time, allowing dynamically reloaded credentials to be applied even for retried replication tasks.

    • 69c66c8 Improve FanoutConfigurationResource loading performance:

      Enhanced loading performance of replication remotes as individual files (under $GERRIT_SITE/etc/replication) by optimizing remote parsing and merging logic, reducing load times for large configurations.

    • 69c0c4d FanoutConfigResourceTest: assert configuration updates being visible:

      Fixed an issue where updates to remote configurations persisted on disk but left an outdated in-memory copy, ensuring in-memory consistency after updates.

    • 6b4bc77 Fix updating replication credentials using te ReplicationRemotesApi

      Fixed an issue where updated replication credentials were incorrectly saved to replication.config instead of SecureStore.

    • cc32fe2 Prevent replication plugin start with invalid remotes: See Breaking changes

    • d1ad7d5 Use SecureStore to access replication credentials:

      See Breaking changes

    • 89fc47e Introduce API for retrieving the remote config:

      Extended ReplicationRemotesApi to support retrieving configurations for multiple replication remotes.

    • 16ccc30 Allow to update base/override remote configs from MergedConfigResource:

      Added a method to update base or override remote configurations in a single call, building on the API for updating replication configurations from other plugins.

Other dependency changes

Bugfix releases

3.11.7

  • Bug Fixes

    • Change 495501: sequence set SSH command now enforces strictly increasing sequence values.

      Attempts to set a sequence (for changes, accounts, or groups) to a value lower than its current value are now rejected immediately.

    • Issue 439435039: Check for account existence with username scheme for HTTP and HTTP_LDAP only.

      Previously, when LDAP authentication was enabled, user lookups were incorrectly performed using the username external ID scheme, which could lead to failed logins. This change restricts username-based lookups to HTTP and HTTP_LDAP authentication protocols only, ensuring LDAP uses the correct gerrit scheme.

    • Issue 439859126: Return HTTP 401 for any incoming authentication request with a password longer than 71 chars

      Fixed password validation to explicitly fail when a password is longer than 71 characters, matching the Bcrypt limitation. This prevents internal errors and ensures clients receive a proper HTTP 401 (Unauthorized) response instead of an internal exception.

    • Issue 444049514: Prevent blocking HTTP calls to wait indefinitely.

      Fixed an issue where, under heavy concurrent Git/HTTP load, some worker threads could remain stuck indefinitely due to unbounded blocking in synchronous write callbacks. Blocking callbacks are now properly capped by the configured httpd.idleTimeout, ensuring idle or stalled Git/HTTP requests are terminated and threads are released as expected.

    • Issue 397701289: Notify reviewers on change edit in UI.

      Restored reviewer notifications when a change is edited through the web UI. This makes notification behavior consistent with other change updates, ensuring reviewers are informed when an edit may require another review.

    • Change 510442: Allow WorkQueue to be used with the failsafe.dev library in the high-availability plugin to schedule retryable tasks.

    • Issue 446941362: Fixed git-upload-pack errors on replicas by skipping unloadable changes.

      Fixed an issue where corrupted or unloadable changes could cause Internal Server Errors during git-upload-pack on replicas.

    • Issue 456521736: Avoid “change N missing from ChangeSet[][]” error when submitting a change with a stale index entry.

      Fixed an issue where submitting a change could fail if its index entry was out of sync with the underlying NoteDb data. Gerrit can now backfill missing change information directly from the repository when the index is stale, ensuring that valid changes can still be submitted without repeated retries.

      A new configuration option, change.backfillMergeSuperSet, controls this behavior. When enabled, Gerrit reloads change data from the repository instead of failing due to a stale index, making change submissions more reliable in setups that use asynchronous indexing or multiple primaries.

    • Change 497281: Fixed the name of the operations endpoint latency metric to ensure accurate per-endpoint performance tracking.

      Corrected the name of the operations endpoint latency metric, which was previously using the same name as the general performance/operations metric.

  • Documentation Updates

  • UI Fixes

    • Change 511981: gr-access-section: Fix bug with deleting permissions in handleAddedPermissionRemoved.

      Resolved an issue where removing a permission (e.g., Delete Own Changes) could also unintentionally remove another permission (e.g., Delete Changes) and incorrectly display an undo option. The UI now correctly tracks and removes only the selected permission, and the undo button appears only for previously saved permissions.

    • Change 515221: Allow Change Owners to suggest edits in comments.

      Change owners can now propose suggested edits directly in comments, even if they are not the original authors of the change.

    • Change 517961: gr-permission: Fix deleting rule in gr-rule-editor.

      Resolved a UI issue where deleting a rule could affect the wrong entry due to DOM node reuse.

    • Change 512922: Fix rendering of multiple suggested edits when comments contain tabs.

      Previously, only the first suggested edit was shown when a comment contained multiple suggestions. Now, all suggestions are displayed correctly, allowing users to view and apply each one individually.

    • Change 509501: gr-textarea: Fix getSelection() on Safari.

      Resolved an issue in the text area component where pressing Option + Right Arrow on Safari did not move the cursor or update the text selection as expected.

    • Change 509463: Fix bug with disabledMenuActions in gr-change-actions.

      Fixed a UI issue where menu actions were not properly disabled when disabledMenuActions was set, allowing users to trigger actions multiple times while one was still running.

    • Issue 445614699: Fix deleting text under Firefox when selecting all text.

      Resolved a compatibility issue in the text area component where deleting all selected text did not work correctly in Firefox.

  • Enhancements

    • Issue 440798012: Add scheduled reindexing of accounts.

      Add scheduled reindexing of accounts. Previously scheduling reindexing was possible only for Changes, Projects and Groups.

  • Dependency Updates

3.11.6 (withdrawn)

3.11.5

  • Bug Fixes

    • Issue 437141693: Fix an issue introduced in Gerrit 3.11.4 where plugins’ persisted caches weren’t persisted anymore.

    • Issue 437005987: Prevent creation of tag via rest-api if project is in read only state.

    • Change 498181 Fix Submit Requirements that used ownerin:group_name with Gerrit internal group names. Groups with external subgroups were unaffected.

    • Issue 435230894 Fix instances where changes sequence ref is rewind

      Enforced strictly increasing ref sequence values to prevent rare stale-read issues on NFS.

  • Frontend changes

    • Issue 433273946 gr-edit-controls: Fix alignement issue with autocomplete on mobile

    • Change 497461: Inline link on branches and tags on a repository’s branch and tag lists now respect gerrit.primaryWeblinkName configuration.

    • Change 464281: “Browse” link on a repository’s General page now respect gerrit.primaryWeblinkName configuration.

3.11.4

  • Known issues

    • Issue 437141693: Plugins’ persisted caches aren’t persisted anymore, due to the removal of the lazy initialization of the H2Cache’s bloomfilter.

      The introduction of the performance improvement in Change 473682 has removed the lazy initialization of the H2Cache’s bloomfilter which is needed for enabling the persistence of the cache keys. The consequence is that the plugins that were declaring a persistent cache would not be able to persist their cached values anymore.

  • JGit changes

    This includes a fix for races that could occur when deleting refs and another actor tries to pack refs.

    You can retrieve the full list of changes with:

    git log --no-merges --format=oneline e328d2...3f3f3b5
    • 3f3f3b5a6 Fix: Close the “preserved” PackDirectory
    • 1c7289509 Use the same ordering/locking in delete() as C git
    • fc6fd5690 Prepare 6.10.2-SNAPSHOT builds
    • 9d12b89dd (tag: v6.10.1.202505221210-r) JGit v6.10.1.202505221210-r
    • 3e0eedc57 AmazonS3: Do not accept DOCTYPE and entities
    • 07d00f6df ManifestParser: Do not accept DOCTYPE and entities

  • Bug Fixes

    • Issue 430336832: Align delete refs to the rest of Gerrit

      The ChangeEditUtil.deleteRef() and StarredChangesUtilNoteDbImpl.deleteRef() failed to set the new object id in the RefUpdate, causing a situation where other parts of the code are expecting a non-null SHA1 and therefore causing potential NPEs.

    • Change 486742: Fixed project list cache data race due to Caffeine issue

    • Change 486741: Fixed removeLabel permission not being displayed in access section UI

    • Issue 412679366: Fixed an issue with a comment’s resolved flag not updating

      When PostReview.comments is set, they are supposed to replace the value of the draft with the same id (if one exists). The logic were replacing the message, but not the resolved bit. Leading to the update being lost.

    • Change 482026: Fixed reindexing stale changes in projects with encoded characters

      Without this fix, any project with characters in its name that must be encoded would fail staleness checks with a “repository not found: Invalid name” message

    • Change 473802: Fix wrong column sort in change list

    • Change 476822: UI: Fix loading fonts with base url

    • Change 478326: Fix paper-toggle-button for iOS

    • Change 486743: Fix a special case for preview/apply fix

    • Change 487821: Use ASM9 opcodes to avoid plugin Jar scan warning

  • Enhancements

    • Change 481621: Checks: Display hovercard for previous run attempts

    • Change 473682: Do not wait for H2 bloomfilter building to respond to requests

    • Change 481583: Add ‘shift+h’ keyboard shortcut to hide check code pointers in the diff view

    • Change 462141: Improve error message when failing a submission for FAST_FORWARD_ONLY projects, avoiding also an NPE on the error_log

  • Documentation Updates
  • Plugins

    • Change 473229: Update webhooks plugin from 2e5ec3b to b00a2c2

      You can retrieve the full list of changes with:

      git log --oneline --no-merges 2e5ec3b..b00a2c28e
      • b00a2c28e Disable retries if maxAllowedRetries is 0
      • 3520f3370 Process events before scheduling
      • 788cf1a33 Add allowedUrlPattern global config
      • bace27dc3 Log when a webhook is created or updated
      • eec83d2c5 Allow admins to limit timeouts, retries and retry interval
      • f1f51e2bf Allow restricting event types using the global configuration
      • 9245cd9c3 Log when post is unsuccessful and max retries exceed

    • Update replication to 83e15b020

      You can retrieve the full list of changes with:

      git log --no-merges --format=oneline 0af31d2a...83e15b020
      • 83e15b0 Fix concurrent pushes to the same target URI
      • 5be3cc5 Make excludedRefsPattern() to return an empty list by default
      • f01716c Do not push deletes for refs configured to be skipped
      • 4161f94 Add a remote config to exclude replicating desired refs

3.11.3

  • Bug fixes

    • Issue 396060185: Find changes by change number only if imported server IDs are configured.

    • Change 467421: Prevent change numbers virtualization for sites without imported server id(s).

    • Issue 410069478: Fix the computation of the change virtual id for imported changes.

    • Change 469725: Fix incorrect cherryPickOf value when using the REST API to cherry-pick a non-current patchset.

  • Enhancements

    • Issue 401141848: Fix ref existence check when creating new refs.

      Gerrit v3.6 introduced a new check for verifying the existence of refs before crating new refs and avoiding misleading LOCK_FAILURE errors. The check was implemented using a Repository.resolve() API which would expand the ref name as it was a logical name resolution causing the inability to push some refs, like tags that use the git describe in their names. The issue is fixed by using a proper refs finding and brings back the full refs creation functionality.

    • Change 472521: Render markdown in check run description

3.11.2

  • JGit changes

    • Change 459004: Bump JGit to e328d203f (stable-6.10 tip).

      git log --no-merges --oneline d5cc102e7..e328d203

    Notable changes are:

    • e328d203f Do not load bitmap indexes during directory scans
    • fab9b3d96 Fix calculation of pack files and objects since bitmap
    • 5dae4a835 Pack: no longer set invalid in openFail()
    • a8efd046f RevWalk: Add an isMergedIntoAnyCommit() method
    • 51d6c63fe Pack: separate an open/close accounting lock

  • Bug fixes

    • Issue 387440281: Fix the email notification for comments on unchanged files.

    • Issue 390647051: Fix the reporting of Git/HTTP errors in the httpd_log.

    • Issue 391394129: Prevent the generation of duplicate entity numbers when resetting the values with ‘gerrit sequence set’ command.

    • Issue 396060191: Fix log rotation of gc_log avoiding to have it overwritten.

    • Issue 405165896: Fix project’s access section when saving changes in the exclusive ACLs.

    • Change 462582: CreateBranch: Fix detection of conflicting branch names.

    • Change 455781: Allow using the core.useFileKeyByProjectCache safely even when performing project removals.

    • Change 457842: Manage disappearing changes when fetching virtualId.

    • Issue 396060185: Lookup imported change by change number otherwise it cannot be found.

  • Enhancements

    • Issue 40013496: Support SO_TIMEOUT configuration in SMTP email sender.

    • Change 454224: Introduce auth.externalIdsRefExpiry.

      Introduce auth.externalIdsRefExpiry to reduce All-Users access overhead by memoizing the latest external-ids SHA-1 for a configurable duration.

    • Change 461527: Online upgrade now allows skipping reindex.

      Add no_reindex as a supported value for index.onlineUpgrade to enable zero-downtime upgrades without triggering online reindexing.

  • Documentation Updates

    • Change 458883: Improve jgit.config documentation for NFS v4 caching.

  • Frontend changes

    • Change 447863: Fixes a bug where selecting the diff content did not exclude the line numbers on Safari.

    • Change 459523: Search bar: Fix negations with autocomplete.

    • Issue 390581530: Fix triggering mentions on safari and firefox.

  • Plugin changes

    • codemirror-editor plugin:

3.11.1

  • JGit changes

      git log --oneline --no-merges c824610ab...d5cc102e7

    Notable changes are:

    • 1177e1e4a WindowCache: share removal work among multiple threads
    • cdbea5ea9 Optionally.Hard: avoid Optional creation on every use,
    • ae53d6383 Pack: fix threading bug getting idx
    • d2ff398bc Fix potential NPE in TreeWalk#getFilterCommandDefinition
    • 2b229df06 Advertise “agent” capability when using protocol v2
    • 7fedd15c8 FileSnapshot: silence “Stale file handle” exceptions
    • eb0ef9d16 FileSnapshot: silence “Not a Directory” exceptions
    • 7f246a05d Fix potential NPE in ResolveMerger#getAttributesContentMergeStrategy
    • f2741cace Fix NPE in DiffFormatter#getDiffDriver
    • fb6adb036 Pack: ensure packfile is still valid while still recoverable
    • 44d61a3d7 WindowCache: add bulk purge(), call from bulk sites
    • f026c19a0 PackDirectory: Filter out tmp GC pack files
    • 5b1513a28 Align request policies with CGit
    • e682a0239 Pack.java: Recover more often in Pack.copyAsIs2()

  • Bug fixes

    • Issue 389368407: Fix the reporting of UploadValidationListener(s) feedback to the Git client

    • Change 447522: Reduce memory pressure on the JVM GC by reusing Gson objects across events

    • Issue 365889749: Fix timeouts calculation in SshDaemon

      NOTE: All the SSH timeouts have been broken since the merge of Change 274055 released with Gerrit v3.4.* until v3.9.8. This fix makes the timeouts being considered as documented again, which may result in SSH connections being closed prematurely due to the configured timeouts in gerrit.config.

    • Change 445522: Improve ssh-rsa host key warning message

    • Change 445242: Add base url to service-worker url in the Gerrit UX

    • Change 445041: Fix OpenID authentication redirects to application root by avoiding the addition of extra /

    • Change 444801: Don’t encode just a slash for loginUrl, which would have then redirected to //

    • Issue 388863156: Fix OutOfScopeException when reloading plugins via REST-API

  • Enhancements

  • Plugins changes

    • codemirror-editor updated to 9f049032fd8f89f59ceda33f6bf1767cc14514ab

      git log --no-merges --abbrev-commit --oneline e5e9ece112242397f000660c6cee8f5053ca5da5..9f049032fd8f89f59ceda33f6bf1767cc14514ab

      Notable changes are:

      • 9f04903: Fix mime type for vue

  • Dependency Updates

  • Other changes