Download: 3.8.0
Documentation: 3.8.0
Release highlights
Rebase on behalf of the uploader
Rebasing a change from the web UI preserves the uploader for trivial rebases.
This has the advantage that the rebaser is not taking over the change, which is important when the project is configured to ignore self-approvals of the uploader, as this allows the reviewer to approve and submit the change, after doing a rebase.
Rebase a chain of changes
Allow to atomically rebase a chain of changes.
If the chain is outdated, i.e., there’s a change that depends on an old revision of its parent, the result is the same as individually rebasing all outdated changes on top of their parent’s latest revision.
Important notes
Schema and index changes
This release doesn’t contain schema changes.
The changes
index version has been increased to version 82.
Online index schema upgrade from 3.7
By default, if you’re upgrading from 3.7, the index is automatically rebuilt upon Gerrit startup after the upgrade.
If you’re upgrading from 3.6 or an earlier version, you must use the Offline upgrade steps below.
Offline upgrade
- Download the new gerrit.war
- Stop Gerrit
- Ensure all installed plugins are compatible with the new API
- Run init
java -jar gerrit.war init -d site_path --batch
- Reindex
-
If you are upgrading from a 3.7 version you don’t need to run reindex (see
Online index schema upgrade from 3.7
above). If you still want to you will only need to run reindex ofchanges
:java -jar gerrit.war reindex --index changes -d site_path
-
If you are upgrading from a 3.6 version, or an earlier version, you must run a reindex of all indexes:
java -jar gerrit.war reindex -d site_path
See the reindex program for other options.
- Start Gerrit
Online upgrade with zero-downtime
Gerrit v3.8.x supports zero-downtime upgrade from Gerrit v3.7.2 or later when configured using a high-availability configuration, and the Git repositories are stored in a shared filesystem such as NFS or similar.
During the zero-downtime upgrade, Gerrit end-users would not notice any outage or service disruption. They will be able to perform any read/write Gerrit operation on the GUI or using any API.
The zero-downtime upgrade consists of the following steps:
- Have Gerrit servers running v3.7.2 or later, in high-availability configuration, healthy and able to handle the incoming traffic properly.
- Set
gerrit.experimentalRollingUpgrade
totrue
ingerrit.config
on both Gerrit primaries. - Set one of the Gerrit servers to unhealthy.
- Shutdown the Gerrit server, update gerrit.war and plugins to v3.8.x and start Gerrit again.
- Verify that the Gerrit server is working properly (e.g. run automated smoke tests) and then make it healthy again.
- Wait for the Gerrit server to start serving traffic normally.
- Repeat steps 3. to 6. for all the other Gerrit servers.
- Remove
gerrit.experimentalRollingUpgrade
fromgerrit.config
on both Gerrit primaries.
Downgrade
Downgrade to any Gerrit v3.7.x release is possible, but requires the following manual steps:
- Shutdown all migrated Gerrit v3.8.x servers
- Update the gerrit.war and plugins to the previous v3.7.x version
- Run offline change reindexing using the previous gerrit.war version
java -jar gerrit.war init -d site_path --batch
java -jar gerrit.war reindex --index changes -d site_path
- Startup Gerrit server
Native packaging
-
GerritForge RPM repository updated for arm64 architecture
GerritForge RPM v1.4 has been released, including the native packages for arm64 architecture.
-
[DockerHub images for arm64 amd64 architectures](https://hub.docker.com/r/gerritcodereview/gerrit/tags?page=1&name=3.8.0) -
gerrit:3.8.0-almalinux8 OS base image upgraded to AlmaLinux 9.1
-
gerrit:3.8.0-ubuntu22 OS base image upgraded to Ubuntu 22
-
Breaking changes
-
Issue 16942: Gerrit does not render properly the modal dialogs on Safari 15.3, Chrome 36, Edge 78, and Firefox 97 or earlier.
Gerrit frontend uses the HTMLDialogElement.showModal function, which is not working properly on old browsers.
-
Change 365595: WebLinkInfo: Drop deprecated constructor
Custom UI plugins that are explicitly using
WebLinkInfo
are affected by this and might need adapting. -
Change 360756: Disallow uploading new prolog rules files.
Clients should use submit-requirements instead. Please note that modifications and deletions of existing rules.pl files are still allowed.
-
Change 360054: Allow callers to format create change response
Add
ListChangeOptions
toChangeInput
andApplyPatchPatchSetInput
such that callers can control what fields should be formatted in the returned ChangeInfo. For ApplyPatch, this commit changes the default formatting options fromCURRENT_COMMIT
tono-options
. -
Change 360219: Delete vote now fails for an already deleted vote
An e-mail was sent each time when a vote was executed, even if the label had been already set to 0 and thus no actual changes were made.
This fix can break some scenarios, where the caller expects that DeleteVoteOp will always succeed after the label was added at least once. This should be fixed on the caller side.
-
Change 358975: Skip account visibility checks when querying changes
Skipping the account visibility check when querying changes of users participating in the change (the change owner, reviewers, CCs etc.). This affects several search predicates:
owner
/uploader
/label
user
/reviewer
/attention
/commentby
-
Change 358954: Check permissions when resolving accounts by secondary emails
fixed an issue that allowed users to resolve secondary emails, although they should not have been able to see them.
-
Change 358114: removed automatic linkification of URLs that do not start with
http://
orhttps://
. -
Change 357298: Removed Assignee functionality in Gerrit.
‘Assignee’ functionality has been superseded by ‘Attention Set’. The functionality has no Web UI support anymore.
-
Change 357276: Removed option to disable Attention Set
No longer support the option of disabling the Attention Set.
-
Change 356941: Do not set
real_author
in ChangeMessageInfo ifauthor
==real_author
It’s not needed to return the author twice if the change message was not impersonated. Documentation already stated this, but clients should double check they don’t rely on
real_author
always being returned. -
Change 354916: Remove registerStyleModule() plugin API
Use
plugin.styleApi().insertCSSRule()
instead. -
Change 351814: Remove
notify()
from AnnotationPluginApi -
Change 351515: Remove html commentlink functionality.
Html commentlinks allow for arbitrary html injection on the page. Replaced them with link commentlinks, using optional
prefix
,suffix
,text
parameters to achieve the same functionality. Existing configs can be migrated using scripts intools/migration/html_to_link_commentlink.md
Other changes
Plugin changes
- download-commands:
- Change 365142: Only chmod if commit-msg hook was fetched successfully
- Change 362879: Allow to hide download schemes in the UI
- Change 359976:
Consistently use
git rev-parse
to find hooks-dir - Change 359823: Always use HTTP when downloading commit-msg hook
- reviewnotes:
- Change 365655: Add comment count to review notes.
- webhooks:
- Change 365175: Add HTTP response code ‘SC_ACCEPTED’ (202) as success case in response handler
- codemirror-editor:
- Change 361395: Add support for dark mode
- Change 363002: Add support for light mode
- Change 360836: Update CodeMirror to V6
- gitiles:
- Change 356473:
- Change 347214: Don’t depend on update ACL to create a branch
- replication:
-
Change 353294: Provide an option to skip replication of NoteDb meta refs
Replicating NoteDb meta refs is not needed when the remote does not run a Gerrit instance. This can be now disabled via
remote.<NAME>.replicateNoteDbMetaRefs
-
Performance changes
-
Change 360646: Introduce a per request ref cache for better performance
Add a new
core.usePerRequestRefCache
setting. If the setting is true, use a per request (currently per request thread) ref cache. This helps reduce the overhead of checking if the packed-refs file is outdated. This setting is true by default. -
Change 365144: Destination queries now use the change index
destination
predicate now matches any number of branch names with O(1) efficiency. -
Issue 16072: Fix “showchange” plugin event being triggered twice on patchset change
-
Change 363074: Performance optimization for cold-cache groups
Gerrit UI changes
-
Change 370995: Add comments chips to patchset select
-
Change 361574: Add darkMode param to gr-editor-view extension point
-
Change 358179: Add a new endpoint for a profile page
The goal of this endpoint is to show a new page that’s the contributions’ page of a user.
-
Change 360134: Fix “Old Patchset” being displayed on current edits
-
Change 359814: User can rebase whole chain from UI.
-
Issue 16545: Fix issue where using in-line editor to add new files / edit existing files didn’t show the changes in file list
-
Change 349422: Privacy information on settings page
-
Change 354154: Enter key selects emoji after ‘:’ is typed
The previous behavior was that enter wouldn’t select emojis until more characters were typed after ‘:’.
-
Change 352682: Matching atoms in copy conditions that are posted as change messages are highlighted in bold now.
When a new patch set is created and approvals are copied to the new patch set, Gerrit posts a change message to inform about the copied and outdated votes together with the corresponding copy condition. Passing and failing atoms in the copy condition are now highlighted in bold.
-
Change 351934 Comments tab respects special file sorting cases like .h
-
Change 348877: Show account hovercard preview on settings page
Account preview can be displayed in-flow without requiring hovering
-
Change 348794: Account chip preview on settings page
This lets the user see how they will appear to others and what data will be public.
-
Change 348536: Removed all hardcoded gr-icons.
All core plugins have been migrated to using Material-based gr-icon which no longer need these hardcoded SVGs.
Documentation changes
-
Change 361696: Remove prolog rules doc page mention from the index page
users should use submit-requirements instead of prolog rules
-
Change 348538: Improve Polygerrit README
-
Change 340255: Add a shortcut to Developer Setup
JGit changes
- Upgrade jgit to 5ae8d28. Notable changes are:
- Implement a snapshotting RefDirectory for use in request scope
- If tryLock fails to get the lock another gc has it
- Fix GcConcurrentTest#testInterruptGc
- Don’t swallow IOException in GC.PidLock#lock
- Check if FileLock is valid before using or releasing it
- Use Java 11 ProcessHandle to get pid of the current process
- UploadPack: use allow-any-sha1-in-want configuration
- Acquire file lock “gc.pid” before running gc
- Fix getPackedRefs to not throw NoSuchFileException
- Add pack options to preserve and prune old pack files
- Allow to perform PackedBatchRefUpdate without locking loose refs
- Document option “core.sha1Implementation” introduced in 59029aec
- Shortcut during git fetch for avoiding looping through all local refs
- FetchCommand: fix fetchSubmodules to work on a Ref to a blob
- Allow the exclusions of refs prefixes from bitmap
- PackWriterBitmapPreparer: do not include annotated tags in bitmap
- BatchingProgressMonitor: avoid int overflow when computing percentage
- Fetch-CLI: add support for shallow
- Speedup GC listing objects referenced from reflogs
- Fixes for multi-primary new loose object reads on NFS
- GC: disable writing commit-graph for shallow repos
- Introduce core.trustPackedRefsStat config
- Add TernarySearchTree
- CommitGraph: teach ObjectReader to get commit-graph
- PatchApplier: fix handling of last newline in text patch
- CommitGraph: add commit-graph for FileObjectDatabase
- IO#readFully: provide overload that fills the full array
- GC: Write commit-graph files when gc
- CommitGraph: add core.commitGraph config
- CommitGraph: implement commit-graph read
- Gc#deleteOrphans: avoid dependence on PackExt alphabetical ordering
- WalkPushConnection: Sanitize paths given to transports
- Fix documentation for core.trustFolderStat
- Update jetty to 10.0.13 d
- PackExt: Add a commit graph extension.
- UploadPackServlet#doPost use try-with-resource to ensure up is closed
- Update Apache Mina SSHD to 2.9.2
- Fix crashes on rare combination of file names
- DfsBlockCache: Report IndexEventConsumer metrics for reverse indexes.
- DfsStreamKey: Replace ForReverseIndex to separate metrics.
- RawText.isBinary(): handle complete buffer correctly
- PackExt: Add a reverse index extension.
Other dependency changes
-
Change 345774: Upgraded bouncycastle to 1.72
-
Change 355597: Upgraded commons-codec to 1.15
-
Change 355294: Upgraded jsoup to 1.14.3
-
Change 335738: Upgrade sshd version to 2.9.2 and mina-core to 2.0.23
-
Change 312716: Update Jetty to 9.4.49.v20220914
Other core changes
-
Change 367654 Fixed rebasing chain when a checks refs exists for one of the changes
Fixed a NPE that might have been thrown when rebasing on changes for which a
checks
ref exists. -
Change 366334 Added ‘a’ as alias for the ‘author’ search operator
This follows the example of other aliases, e.g. ‘o’ for ‘owner’ or ‘r’ for ‘ reviewer’.
-
Change 365901 Added global capability that allows to view secondary emails
If users have multiple emails only the preferred email is visible to other users. Now, with the new
View Secondary Emails
global capability it’s possible to allow viewing all emails. -
Change 361460 Allow editing commit message from Change-Id: to Link: footer
This allows to edit the commit message by replacing a valid ‘Change-Id:’ footer for a valid ‘Link:’ footer.
-
Change 350455: Enables transition from LDAP to Google OAuth
When transitions to Google OAuth from LDAP, if the account exists with the same e-mail then the account ID is reused. This allows to have the same user history post migration.
-
Change 359974: Fixed calculation of insertions and change buckets for change emails
When computing change email, the number of files, insertions and deletions didn’t count the commit message for number of files, but for insertions the lines from the commit message were counted, which was inconsistent.
-
Change 358115: Allow for plugin data directory to be symlinked
-
Change 357648: Don’t add owner to attention set on merged change if bot re-applies a negative vote
Bots can no longer re-apply negative votes on merged change, leading to an unwanted attention set update.
-
Change 357477: Added a new ‘uploaderemail:
' operator for Submit Requirements returns true if the uploader’s email matches a specific regular expression pattern.
-
Change 357474: Added a new ‘committeremail:
' operator for Submit Requirements returns true if the change committer’s email matches a specific regular expression pattern.
-
Change 357460: Fixed
ownerin/uploaderin
for internal groups that include external groupsFixed an issue where the
ownerin
anduploaderin
predicates were not matching correctly for internal groups that include external groups. -
Change 350034: The commit-msg hook respects the scissors marker for the empty message detection.
When “git commit –cleanup=scissors” the commit-msg hook couldn’t detect if the commit message is empty properly.
-
Change 357278: Fixed parsing of URL parameters that contain a ‘%’ that is not part of an encoded character
Without this fix users could trigger 500 internal server errors in Gerrit by providing invalid strings for URL parameters.
-
Change 356762: Added support for rebasing on behalf of the uploader
Rebasing a change on behalf of the uploader means that the uploader stays intact when the reviewer rebases the change.
-
Change 356354: Added project permission for removing votes/labels
For every configured label
My-Name
in the project, there is a corresponding permissionremoveLabel-My-Name
with a range corresponding to the defined values. For these values, the users are permitted to remove other users’ votes from a change. -
Change 356260: Fixed overriding impersonated votes
Fix an issue where overriding an impersonated vote for a user A (real user B) only worked if the voting values were different. If the voting value was the same Gerrit wrongly assumed that the voting was a no-op.
-
Change 355574: Added support to remove a non-visible account as a reviewer through the PostReview REST endpoint
Fix an issue where, if a visible change had a reviewer whose account was not visible, this account could be seen on the change, but the reviewer could not be removed.
-
Change 351075: Added a REST API to rebase a chain of changes
A new API
POST /changes/{change-id}/rebase:chain
now allows to rebase an ancestry chain of changes. -
Change 355116: Added
prefixsubject
index field (requires index upgrade)Similarly to
prefixhashtag
andprefixtopic
it is not possible to search changes by subject prefix (e.g. a bug ID in square brackets). -
Change 354294: Custom git gc-preserve command which can preserve packs for JGit
Implemented a custom git command “git-gc-preserve” preserving old packs to prevent races between git gc running on a large repository concurrently to fetch/clone requests.
-
Change 354037: Added
subject
index field (requires index upgrade)Allow to query changes by subject.
-
Change 353674: Invalid label ranges for permissions are rejected when pushing a project.config file
Attempting to add permissions with a range where
min
is greater thanmax
, wheremin
is present butmax
is missing or vice-versa throws anIllegalArgumentException
. -
Change 353635: Set Access REST endpoint rejects invalid label ranges
-
Change 353655: Do not add a duplicated project.config entry if a duplicate input is added.
When the same request was made to the ‘Set Access’ project rest endpoint, it resulted in adding a duplicated line in the project.config.
-
Change 353287: Votes that are copied to follow-up patch sets when a vote on an outdated patch set is applied are now posted as a change message.
When votes were copied to follow-up patch sets they were applied in NoteDb, but users were not informed about them. Now a change message is posted to inform that the vote was copied forward.
-
Change 352055: Reject invalid base on push with proper error message instead of failing with an internal server error
-
Change 352034: Fix GetRelated if multiple changes for the same commit exist
-
Change 351534: Fix the issue that 404 page is shown after login
After logging in using the “Sign in with a Launchpad ID” link Gerrit used to display a “not found” page.
-
Change 351614: Do not require trailing slash for requests on root collections
Often users are confused why ‘GET /changes/’ works, but ‘GET /changes’ doesn’t. Both are now allowed.
-
Change 347719: Suppressing emails on submit is disallowed now if there is a post approval diff
Fixes a security issue where a malicious user could submit code changes without anyone ever seeing them. If a change is submitted and a post approval diff exists, no matter which notify setting the caller specified, Notify=ALL is used.
-
Change 351114: Add support for enabling Strict Dynamic CSP on Documentation pages.
-
Change 349175: Disallow ‘cansee’ account search operator with private changes
This operator used to fail for private changes if the change owner requested
cansee:<private_change>
. Now, if the caller of the query is the owner or one of the reviewers/ccs of the change, the query returns account data for it. -
Change 349216: Add a
has:submodule-updates
operator for submit requirementsReturns true if the diff of the latest patchset against the default base has a submodule modified file
-
Change 347936: Reject uploading project config changes if they contain duplicate submit requirement definitions.
Prevent project owners and admins from accidentally adding multiple definitions for the same submit requirement name.
-
Change 246234: The WorkQueue now uses new STARTING and STOPPING states while a listener’s onStart() and onStop() methods are called.
-
Change 346954: Log progress for online-reindexing of changes
When performing online reindexing, from the log file we could only observe when it starts and when it ends. With this change we log the progress once per minute.
-
Change 340061: Add old/new file modes to the ‘List Files’ diff endpoint
if a file is modified with a change to the file mode only, now the file will be listed as modified.
-
Change 245614: Added a WorkQueue.TaskListener extension for plugins
This extension point makes it possible for plugins to define and implement WorkQueue QOS policies.