New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exception when logging out after restart #9
Comments
I have also seen this. |
Fixed in: [1], [2]. |
openstack-gerrit
pushed a commit
to openstack-infra/gerrit
that referenced
this issue
Apr 27, 2015
GitHub-Bug: davido/gerrit-oauth-provider#9 Change-Id: I17aaed508ef61959a3fc5634d76eb5386305f9a0
openstack-gerrit
pushed a commit
to openstack-infra/gerrit
that referenced
this issue
May 6, 2015
GitHub-Bug: davido/gerrit-oauth-provider#9 Change-Id: Id25792cdf6e28ba8d0f97bcc41d8c6409558314e
rockylmc
added a commit
to rockylmc/gerrit-1
that referenced
this issue
Oct 28, 2019
* Fix cleanup after tests Some tests left over cloned Git repositories in the file system. Now all temporary folders created are cleaned up in the AbstractDaemonTest. Change-Id: I13a376784066f767f6fd792f908f8a09d6c0307e * Fix detection of symlinks in acceptance tests Delete of temporary files failed if the tmp folder in which the temporary directory was created is a symlink. Now, the temporary folder is canonicalized before it is used. This fixes this issue. Change-Id: Ic5aa91e5242b5b836131c11b05b8723c50b359d9 * Load notes in ChangeUpdate.storeCommentsInNotes() ChangeUpdate assumes the NoteMap in ChangeNotes is already loaded. However, the ChangeNotes were never loaded, so the NoteMap will always be empty. Therefore, we loaded the ChangeNotes. Change-Id: Ibebb0d8c75dcac57178438b633e18447ec3cdb2e * Fix successful login redirection to keep parameters Login screen accept a token to redirect to on successful login but if the token contained parameters, they were dropped. Encode/decode the token to fix this issue. When a URL has a pound sign, it is included in the token as well. This removes the hardcoded behaviour to include a pound sign in every redirect URL. Will now be able to use login redirection for URLs with no pound sign (e.g. GitWeb) Change-Id: If8a74a74ce11f79389895e4d036b06a1e81abbe5 * CM3: Add reStructuredText mode Rst mode depends on stex mode and makes use of overlay. Bug: Issue 2779 Change-Id: Idf745f50459b3d058d9a84496e43745c64ddfe5d * Fix example response in changes REST API documentation The example request is for a change on the gerrit project, but the response shows the change Id with project name 'demo'. Change-Id: I1a35402a8018bb316a6e908be610efdb9815466c * Make gitweb redirect to login Make gitweb redirect to the login page if the user isn't currently logged in Change-Id: Ib5b30d433b7ae629da00c02de5abc9d6990c6fc1 * Config Section: Add passwordForKey() convenience method Section class already provides password() method that does the right thing (store the value in secure.config) and suppresses the input from the terminal. However this method expects user/password pair to exist. With OAuth Github authentication provider we need to provide password for GitHub Client Secret. Add another convenience method for Section to operate on single field with description. Change-Id: I9593cd5b35ae263003c1d1c9d771638a780ef96a * Add documentation of the changes REST API /related endpoint Bug: Issue 2782 Change-Id: I42e650904d924890e367b7fc6478489311da3f41 * Factor setPatchSetId out of ChangeUpdate I missed this when factoring out AbstractChangeUpdate from ChangeUpdate. Change-Id: If6eb57fa1a2ed9b37061bdca2fcde200ef034329 * Modify CommentsInNotesUtil to handle removing a notes object Previously, we were using the inserter to insert null if the list of comments to write to the NoteMap was empty. However, in this case, we should be removing the note that existed before. Therefore, I made an additional method for the purpose of removing the note if we deleted all remaining comments from that note, removeNoteFromNoteMap(). Callers should call writeCommentsToNoteMap if they have a non-empty list of comments that they want to write to a note. If they have an empty list, they should call removeNoteFromNoteMap which requires a parameter for the RevId for the note where the comments used to be. Change-Id: Ia91d8698206ab4814039a47190319838ecb541cc * Modify PatchLineComment parser to incorporate status In anticipation of the ability to write draft PatchLineComments to NoteMaps, I modified some of the parsing code for reading comments out of NoteMaps to take status as a parameter so that when it parses a List of PatchLineComments out of the notes, they have the correct status. This is valid to do because all comments in the same note will all have the same status. Additionally, I had to modify the ChangeNotesTest class in combination with this to make sure that the comments being created for testing purposes had the status flag set correctly. Change-Id: If32e7075427abd2e6f02721824e8099243806243 * Factor out commit(MetaDataUpdate md) from ChangeUpdate I missed this when factoring out AbstractChangeUpdate from ChangeUpdate. Change-Id: I37d9fe82e1dbad64ef4e0733a4938053957e53fa * Correct ordering of PatchLineComments in ChangeNotes The ordering of the comment comparator in ChangeNotes should match the ordering defined in the PatchLineCommentAccess (compare filename, then line number, then writtenOn). Change-Id: Icc96f807f6e8a954f9e0a922e777278cb86a3bf1 * Update version to 2.10-rc0 Change-Id: Icf14daa3d9ba14e57b6c487140617191a895e203 * Lowcase table name Some Jdbc dialects (MySQL) are case sensitive, or to be more precise their behaviour depend on underlying operating system, as on some storage engines every table is saved in its own file. Fix uppercase table name to lowcase bug introduced in Schema 98. Bug: Issue 2788 Change-Id: I40065eee91aa9e48888ee675b68c6233cb7ab424 * Allow debug and trace log statements to be printed in log files System logs file appenders were created with an info threshold which was preventing debug and trace log statement to be printed in the files. File appenders should not have a threshold. Instead, the root logger should have a proper level (i.e. info) so if a specific logger is using a finer grain level (e.g. debug, trace), the log statements won't be filtered out by the appender. Set the root category to info and no longer set the file appender threshold when creating system logs. Change-Id: I747bef1f5dcb99784ba91dba6d29cf1fba582b62 * Fix Guice module auto-discover for plugin providers When a plugin provider was using the AbstractPreloadedPluginScanner to automatically scan its contents, the Guice modules were incorrectly detected and wrongly assigned: - Modules not initialised to null at the beginning of the scan - SshModule incorrectly assigned to SysModule and the other way around - Inner modules were clashing with named Guice modules e.g. install(new Module() { }) This fix brings much more sanity to module detection for plugin providers (e.g. Groovy, Scala or other pluggable plugin formats). Change-Id: I4edddd29acd0ff81cd61841bef8d2356ea20e716 * Set the version to 2.10-SNAPSHOT Change-Id: I46d413a0e61b5356eb5702ee230785b8b1471ff1 * Fix broken test compilation Change-Id: Id4bd313626142f115357c747a47107025e233e8a * Fix using HTTP methods other than GET from plugins Commit 3bde74c2797 introduced a bug in the REST API. Methods other than GET could not be used anymore from plugins. For example it was not possible anymore to delete projects with the delete-plugin using DELETE. Bug: issue 2949 Change-Id: If90247ec4e0dad03b02d0a9e21202455fece90a7 Signed-off-by: Stefan Lay <stefan.lay@sap.com> (cherry picked from commit 3d227bbadfa234bcac7400cf41030423bf183ff3) * Update replication plugin to latest version - Remove unneeded 'throws NoSuchChangeException' - Avoid throwing exception due to deleted change Change-Id: I97b86245c97f869828ba4feadb9ab73821e5b1ed * Fix example in documentation of Set User Preferences endpoint The example showed GET, but should be PUT. Change-Id: I37da23217f8bec351703755d3266f42b3f8c75ee * Revert "CM3: Add reStructuredText mode" Causing rendering failures in some cases. Filed a bug upstream: https://github.com/codemirror/CodeMirror/issues/2850 Change-Id: I0b4032d41b1fe5b9756ff59f752f5fce86634c41 * Mention the push %l-parameter in the documentation Change-Id: Icc564ca82c2e05d176f75ddfd3b11924dcabaabe * Fix broken formatting in Tomcat reverse proxy config documentation Remove the unnecessary [TIP] block. Fix the formatting of links. Enclose example settings in backticks. Add an anchor to make it easier to link the section from the release notes. Change-Id: I46dcc5cb6afc24c6717885a5ca5f1faa04d7a746 * Update Guice version to 4.0-beta5 Beta 5 releases the fix to Cookie mutability bug [1], so that we can switch again to Central repository and don't need custom Guice guice-servlet build. [1] http://code.google.com/p/google-guice/issues/detail?id=806 Change-Id: Ia766f3d9163afdae06ea7c702824909a8349b98e * Initial release notes for Gerrit 2.10 Change-Id: Iccaf7d4ea66eff290967c41ee70348a4dfc4511b * Update JGit to version 3.5.1.201410131835-r This JGit version fixes: - Bug 420915 - jgit gc hangs in partitionTasks with a very small repo - Bug 427107 - cannot push anymore The latter was observed by CollabNet to break Gerrit replication if gc created a bitmap index which may have induced PackWriterBitmapWalker. findObjects() to throw a MissingObjectException. This version of JGit also fixes the recursive merger on all storage systems. Objects created during the virtual base construction of a recursive merge must be written out somewhere and made available through an ObjectReader for later passes to work on. In both local filesystem and DFS implementations Gerrit was no-op'ing the inserter in dry-run mode, causing these objects to be lost and unavailable during the later processing stages of the merger. With a virtual common ancestor tree or blob missing, the dry-run merger fails and a spurious merge conflict is reported. Instead build a non-flushing inserter wrapper around a real inserter for the repository. On local disk (standard storage) this will allow the virtual base to write loose objects, which may be reclaimed in about two weeks by the standard `git prune` invoked by `git gc`. On DFS systems this will create a new pack file and buffer a block of data in memory before starting to store to persistent storage. However with no flush() the DfsInserter will attempt to rollback the pack, which may allow the DFS system to reclaim its storage quickly. Some implementations of DFS may buffer even more deeply than one block, making the discard even cheaper for smaller merges. This update also fixes a potential infinite loop during object inflation within both the WindowCursor or DfsReader versions of ObjectReader. Inflation could get stuck if an object's compression stream within a pack ended at a very precise alignment with the cache block size. The alignment problem is very rare, as it has taken several years to identify and track down. Includes changes done in I9859bd073bd710424e12b8b091abb8278f4f9fcc on master. Change-Id: I898ad7d5e836ebae0f8f84b17d0ae74489479ef9 * Buck: Package servlet-api in WEB-INF/pgm-lib again Idc8c24854 added servlet-api as transitive dependency to gerrit-server Buck artifact. As the consequence servlet-api was included in lib drectory instead of in pgm-lib. Change-Id: I190a4d98d85d17b619ee81e3bb32eee58134677c * Fix login redirect for non default (root) context Login redirection was working fine when gerrit is deployed in the root context but did not otherwise. Issue: 2990 Change-Id: I851d45d4b9de1f70e45cdd5daaa838546dae02db * Update replication plugin - Fix replication_log no longer logging after plugin reload - Prevent creating repos on extra servers Change-Id: I4320e53fa4c2f0c619cd38dfa83eddd55a5e8bf0 * Fix NullPointerException in Reindex Reindex was loading the AccessControlModule which is loading the GitUploadPackGroupsProvider and the GitReceivePackGroupsProvider. Those 2 classes need the CurrentUser in order to determine if he can see the configured groups if those are not visible to all the users. Reindex binds the CurrentUser to null which was causing the NullPointerException if upload of receive groups were configured in gerrit.config. Instead of binding the CurrentUser to the InternalUser class which would have fixed the issue, bind the GitUploadPackGroups and GitReceivePackGroups to empty sets. The reason to use the second option is because the providers of GitUploadPackGroups and GitReceivePackGroups will require to load groups information from the GroupBackend which can take time and is not required by the Reindex. Issue: 3025 Change-Id: I78d7bb93195aefb82ebec421237147db2f7e4b3d * Update 2.10 release notes with information from 2.9.2 Mention that 2.10 includes the fixes that were done in 2.9.2. Add a warning about database table primary key update during site init. Change-Id: I1a517b338d223b922de8f2b45b2e37a0b2891d28 * Remove 2.9.2 fix from 2.10 release notes "Remove 'send email' checkbox from reply box on change screen" is included in 2.9.2 and should not be listed in the 2.10 release notes. Change-Id: Ifa6b3dcfa01d30148f33859402e0bafd7dbd1c26 * Update 2.10 release notes with info from 2.9.2 - Add a warning that the init should be run in interactive mode. - Switch from UK to US spelling. Change-Id: I13c0ab025287e6eb1e8b42f1ccadf77cdbfddd01 * Fix inconsistent behaviour when adding reviewers It was possible to add reviewers to a change when they had no visibility to said change and/or were not active users. This is inconsistent with what happens when adding groups. When adding groups, the non-active users and the users with no visibility to the change would not be added. Make the behavior of adding single reviewers consistent with adding groups. Change-Id: I606d43e6ca5ada88f26d3b14dd6f16c2306f74af * Only create All-Projects ACL once If refs/meta/config already exists do not overwrite or update it with default configuration. This protects site administrators who run `java -war gerrit.war init -d /some/existing/site --batch` and corrupt ACLs of a live server with default settings. To really set the default ACLs on an existing site the admin should remove the refs/meta/config branch so it can be created. Change-Id: I44a21b0c162812747ebcd50535709e8330dfbef8 * Enable scrollbars for "Edit Commit Message" TextArea Bug: Issue 2890 Change-Id: I5de5179d2c059ddd9ef26ec37dcf9891926e1c8e * Use current time for cherry picked commits Cherry picking with the submitter time could cause massive clock skew in the Git commit graph if the server is shutdown before the submit can finish, and restarted hours later. In such a case Gerrit will write out new cherry picks using hour-old committer times. This can confuse a Git revision walker if there are many such badly dated commits, more than the "slop bucket" the revision walker can tolerate (5-10). Updating the commit time on each attempt also allows this strategy to work around bugs elsewhere in Gerrit that does not handle patch sets with the same commit SHA-1 well. Each new retry will get a new SHA-1, as the timestamp is updated. Change-Id: Ia0be365054cdc4692a8f5aa2afc2fb87f2e7888a * Fix exception when clicking on binary file without being signed in The user preferences are only available if the user is signed in. Change-Id: I2ec307d34464394cd902218a32de1afdf5314f86 Signed-off-by: Edwin Kempin <edwin.kempin@sap.com> * ACL: Fix transitions check & a '1' in RefName In determining which access pattern has precedence, the 1st check is which pattern is closer via Levenshtein distance. The 2nd criteria is if they differ on finite vs inifite. The 3rd criteria is based on number of transitions in the pattern, where it is supposed to be the pattern with the greatest number of transitions having precedence. The check of using the number of transitions had the check reversed. This caused the pattern with the fewest number of transitions to have precedence. When determining the Levenshtein distance of a glob style pattern the trailing '*' would be changed to a '1'. The issue with doing this is that it could cause a different access pattern to take precedence if a RefName contained a '1' character as that would cause the Levenshtein distance to become decreased by one. Change-Id: Ibdcd483c303d24565ef43001b3831f6463c2ed8f Signed-off-by: John L. Villalovos <john.l.villalovos@intel.com> * Honor expireAfterWrite in the H2CacheImpl The H2CacheImpl didn't honor the expireAfterWrite. This had an effect that persisted entries never expired. For example, the web_sessions cache entries didn't expire after their maxAge was reached. Change-Id: I3a7c754ee05fe9ac92d96652db4b862bb597eba1 Signed-off-by: Saša Živkov <sasa.zivkov@sap.com> Signed-off-by: Adrian Görler <adrian.goerler@sap.com> * Include all command arguments in SSH log entry Previously the SSH log only included the first argument. This prevented the repository name from being logged when 'git receive-pack' was executed instead of 'git-receive-pack'. Now the SSH log includes all command arguments in the log ensuring that the repository name is always logged. This is desirable behavior for anyone looking to monitor repository access via the SSH log. Change-Id: Idff950e5480a122a2cb366a443d25aa9e0a8f5c8 (cherry picked from commit a56057f97620ae7b958c338149853d605d8d3604) * Update 2.10 release notes - Add information about bug fixes that were recently cherry-picked from the master branch. - Move some bug fixes from the new features section to the bug fixes section. - Expand the description of the "Add Me" feature on the change screen. Change-Id: Ie14bab657f5a4f358489b04d16fd330ee66c2c4b * Clarify behaviour of the 'Remove Reviewer' permission for change owners Without having the 'Remove Reviewer' permission, change owners can only remove reviewers that have given a zero or positive score. I.e. they cannot remove reviewers that have given negative scores. Clarify this in the documentation. Change-Id: Ic1c5a292607f64337f82596553066cdbcd04eda2 * Disable Git over http when Gerrit is not configured to support http When http is not defined as a download scheme, it removes the http download links in the UI but git over http was still working. Bug: issue 1050 Change-Id: I0da82f75c420ddbc8f35382bb66c0aed4b7dbef3 * Don't show 'Add Me' button for change owner or existing reviewers Change-Id: Ib79bd18d863b7b62e90be7179d85465f25cc7759 * Revert "SSHD: Prevent double authentication for the same public key" This reverts commit a5959d2216bee502c70ba7c285b2e3873d69d190. This revert is necessary because of downgrade to the SSHD 0.9.0. Change-Id: Ia41ad2d9a713ddd515bc383923844227b676070f * Update version to 2.10-rc1 Change-Id: Ia5ed1dd73dbfbbfc1330c8af7ddbd3bdf1be27aa * Set version to 2.10-SNAPSHOT Change-Id: I7a051ebca6d5d989fe8c5b12e84d9974ce4dcb1d * Don't duplicate commandName in SSH log Using an enhanced for loop caused it to include arg[0] which duplicated commandName. Now it uses an explicit for loop starting at index 1 to avoid this. Change-Id: Ie1db7d41c1670ba463f8c8002560192183015113 * Show link on hover for headings and anchors in documentation For supporting users it is often useful to send them links to a certain section in the documentation. The Gerrit documenation contains a lot of anchors, but they are not easily accessible. If the section is linked from the TOC the link to the section can be gained by clicking on the link in the TOC. To link to other elements it is often needed to check the HTML source code to find out the link target. Make the links to section headings and anchors easier accessible by displaying a link icon when the mouse is hovered over the heading or anchor. By clicking on the link icon the page anchor is set and the link can be copied from the address bar of the browser. Having this functionality for anchors is especially useful for linking to certain configuration parameters in the config-gerrit.html page. The link icon is taken from the 'Freebie: Application Icon Set' [1] which is licensed under the Creative Commons Attribution 3.0 Unported License [2]. [1] http://tympanus.net/codrops/2012/10/02/freebie-application-icon-set-png-psd-csh/ [2] http://creativecommons.org/licenses/by/3.0/deed.en_US Change-Id: I4377ea23ad76143fd4caa78afc30b82690e533ff Signed-off-by: Edwin Kempin <edwin.kempin@sap.com> (cherry picked from commit a92861fb0126238014fc603257da65748efb05ca) * Detecting Trivial Rebases fails unnecessarily early When label.Label-Name.copyAllScoresOnTrivialRebase is enabled, the detection of Trivial Rebases fails unnecessarily early if useContentMerge is disabled in the project settings. According to the code comments, a Rebase is Trivial if the Old PatchSet, cherry picked ontop of Parent of the New PS, yields the exact same tree as the New PS. There is no reason to fail this detection due to a path conflict regardless of the circumstances. A Trivial Rebase is always a Trivial Rebase if the code delta is unchanged. This fix makes the Trivial Rebase detection ignore the useContentMerge settings. Change-Id: I7ef9bda0db3acce0d19bc6888084e57e55cb4b32 (cherry picked from commit dd4c0fb16d66bb010ef97d9f12487f350e08595f) * Remove now unused project parameter Change I7ef9bda0db3acce0d19bc6888084e57e55cb4b32 removed the usage of the project parameter. Change-Id: I14857e0cb92662b1233bc3351d3367a73fceed0b * Fix missing return after %submit is rejected Using %submit is currently only allowed if the caller has Submit granted on refs/for/$branch. Early return once it is known submit permission is missing. Change-Id: I8da76454bf1efdf9fbc9ec662e1711489dbce009 (cherry picked from commit d07a5ab586ca38b067a3c3ded387353b0fba2c09) * Do not include project watchers on new draft changes If a draft change is created by pushing to refs/drafts/master only the reviewers explicitly named on the command line (which may be empty) should be notified of the change. Users watching the project should not be notified, as the change has not yet been published. Change-Id: I703ea779106c025c8002e79d39c060208b2e119d (cherry picked from commit 8690a108f6f63b58496d49c09e1e6ea954c7c7b0) * Update ReleaseNotes-2.10 Change-Id: Ief964e57fca8a75f75719c6d3e16f8e16e7acdec * Show link on hover for h4 headings in documentation E.g. in cmd-stream-events.txt we use h4 headings for the different events and it would be nice to be able to link to them. Change-Id: I1aaf496852a1793b34f1c694a2b2d486af0a028e Signed-off-by: Edwin Kempin <edwin.kempin@sap.com> * SideBySide2: Fix alignment for long insertion/deletion blocks In commit 1dbc53126cafc0f553b709 the line-height was changed to "normal", allowing for taller text lines. Padding for insertion or deletion blocks was no longer tall enough, which caused the two sides to stop aligning. Correct this by computing the line height on the fly after the UI is displayed and the browser was able to compute font metrics to a sampling of 10 lines of text. Use the guessed value from a prior rendering for the new one, reducing any reflow that has to occur upon viewing another file in the same application session. Chrome on Linux is showing the lines are 15px tall, so use that as the current default guess, reducing initial reflow for any platform that has this font height. Bug: issue 2970 Change-Id: Ic5f7dbbd1cc3582388cfcdf6faf9dca1f7a85fa0 (cherry picked from commit 941d32cff210e3bec4e114ea35822b017faf18f1) * Update 2.10 release notes Change-Id: Ie130be8f6bb9e20e88be9f1b481e1f2853f033db * Update JGit to 3.5.3.201412180710-r This JGit version mitigates CVE-2014-9390 [1]. [1] https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3 Change-Id: I7fa9ae43205afcc30f71578691f0fc30457fbd6b Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> * Update 2.10 release notes - 2.10 includes fixes from 2.9.3 and 2.9.4 - Update JGit version Change-Id: Ib53144a7f2008ab7cf51687e72fce12f84fdac8e * Resource exhausted because of unclosed LDAP connection When auth.type is set to LDAP (not LDAP_BIND), there will be two ldap connections. The 1st connection will bind LDAP to find the DN of the login user, and this connection will be closed in the try...finally block. But the 2nd LDAP connection used to validate user password is not closed at all. Too much unclosed TCP connections cause resource exhausted and latter LDAP authentication will fail. Change-Id: Ia5d83cccde8a0e6590d3e2fadc638d67f6e300e8 Reported-by: Wang Yiming <youthdragon.wangyiming@huawei.com> Signed-off-by: Jiang Xin <worldhello.net@gmail.com> * Let RefControlTest be responsible for creating own test projects All test cases which test inheritance of the access rights assume existence of two projects: "local" and "parent", where "parent" is the parent of the "local". The cc00e0056991355b8780bebd221acf3baf1f55e7 moved the creation of the "parent" into the Util class and it wasn't intuitive to follow what exactly the "util.getParentConfig()" meant. Remove the creation of the "parent" project from the Util class and create the "parent" in the RefControlTest. Also, make sure that "parent" is set to be the parent of the "local" in the setUp method. Change-Id: I991a9bc25ca7609b5d9e15e54167446c7b0aa6cf * Fix faulty behaviour in BLOCK permission BLOCK can be overruled with ALLOW on the same project, however there is a bug that happens when a child of the above project duplicates the ALLOW permission, in this case the BLOCK will always win for the child, even though the BLOCK was overruled in the parent. This behaviour occurs because the ALLOW permission of the parent is overridden by the ALLOW of the child, so when the BLOCK check occurs the code thinks the permission should be blocked because it doesn't see the ALLOW of the parent and BLOCK can only be overruled from the same project. Bug: issue 2995 Change-Id: Ib100deb181a0fdb07527a7242c4d4e8c4fe24b9b * Update 2.10 release notes Change-Id: I9c5dd2d3662ccd5e8bf59b8614f4fa46f6ab946a * Re-enable the Cherry Pick button when cancelled If the Cherry Pick dialog is cancelled, the Cherry Pick button cannot be clicked again. Change-Id: I5c2fb48ae4b01cfa122797b84a226cfb4ef6efe5 (cherry picked from commit 06810e758c7ea0eabf7ff43d785c65e2c90d1373) * Update 2.10 release notes Change-Id: I686ee169aebb42ff649c2ffa27cf0a58af1949c3 * Fix JSON errors in /projects REST API documentation The JSON in some example responses was invalid as it contained extraneous commas in some places. Bug: issue 3107 Change-Id: I118fc8fb9cf2db30e9d71d6a44d892a37e5c9f27 Signed-off-by: Edwin Kempin <edwin.kempin@sap.com> * Fix plugin reloading for DynamicItems Since DynamicItems could only ever be loaded by a single plugin at a time (they are singletons), the code enforcing this prevented those plugins from being reloaded. Test Plan: reload the following plugins: * gravatar-avatar-provider * websession-flatfile Bug: issue 2895 Change-Id: I52a07f34d1fa0b756f4cc22d0d83d2ef6906840e (cherry picked from commit 9a5e78aa73fc4cf1159e2bcca95bf11c1f0b5cb5) * Update JGit to 3.6.2.201501210735-r This version of JGit logs IOExceptions caught while accessing pack files and only removes affected packs from the pack list if we know that the pack is corrupt. Other IOExceptions could be transient hence JGit doesn't remove the affected pack from the list anymore to avoid the problem reported on the Gerrit list [1]. It looks like in the reported case the pack was removed from the pack list causing MissingObjectExceptions which disappear when the server is restarted. [1] https://groups.google.com/forum/#!topic/repo-discuss/Qdmbl-YZ4NU Bug: issue 3094 Change-Id: I3cf36e1c2000f42652053ada712eccb955e99390 * Update 2.10 release notes Change-Id: I4590930934f509455ca1fe553d9159ae5eebfff9 * Update 2.10 release notes Change-Id: I6c084fc4834ab3e5665c59cb97c15e4b735e0f7e * Update version to 2.10-rc2 Change-Id: I734c379890a5b705aa2b1f2b34d9a19fe4fcdcb3 * Drop broken Schema migrations The code in the Schema_82 didn't work when upgrading from a 2.7 or an older release to 2.10. Drop the broken schema migrations. An upgrade from 2.7 or earlier release to 2.10 will need to be done in two steps: * upgrade to 2.8 or 2.9 * upgrade to 2.10 Change-Id: Ie7ae48326adb5d5c6e77190d9bf6739350a64887 * Update 2.10 release notes Change-Id: I1724daa28675ef63bbbbb5bec07ae7529c3b6dec * Update the Gerrit version in the plugin development documentation Change-Id: Idace56cc33efc4129be39e0c2f5fb7545ad6a967 * Remove the archetypeRepository property from the mvn archetype:generate When working with released artifacts there is no need to specify an archetype repository. Change-Id: Ib3010e1b08d361ae663f9cd3b3a412826f262cf4 * Update version to 2.10 Change-Id: I2795796ae77d240001fe5c789fe1aeae5fc34d56 * ChangeControl: Optimize creation by not re-reading changes There are two different controlFor() methods that accept change id and change. It seems that all callers have change instance available so there is no need to re-read the changes from the database. This fixes flaky query tests, see this thread for more details [1]. TEST PLAN: To reproduce you need heavy load on your machine. For example start LibreOffice's unit tests parallel to Gerrit's query tests: $ libreoffice> make check $ gerrit> buck test --no-results-cache //gerrit-server:query_tests Repeat the last command multiple times. Without this change I observed 2-4 failures from 10 runs. [1] https://groups.google.com/d/topic/repo-discuss/9wGKjTaVG7k Change-Id: Ia95458e86b214b12186ca60ccad46d586e13a01c (cherry picked from commit fa5fd568d0b945632e4dd3f4cff84f56d9e4b1f5) * Add config options of LDAP 'connection pooling' With these config options user can enable LDAP 'connection pooling' for Helper.open() to improve the performance of LDAP server access. Change-Id: If1c7bb5a9f5824aaa0bd71e8419b91a8f588493d * Honor ldap.connectTimeout also without connection pooling The com.sun.jndi.ldap.connect.timeout env variable is independent from whether LDAP connection pooling is used or not. Change-Id: I8e84efa89deb5c292d51e941e0a325cb7fc3f0a6 * Improve method and variable names related to group inclusion caches In [1] group's accounts will be cached, thus in the semantic environment of group inclusion caches the words 'member' and 'include' will not only be limited to subgroups and parent groups, but will also include accounts. This commit does not update cache names and does not affect users. It only updates related method names to be more meaningful. [1] https://gerrit-review.googlesource.com/58302 Change-Id: I9a5be1cb08ff53e2cede251a6f63e16ec25cdcfa * Fix LDAP connection pool configuration. Commit cd04bbc1 introduced LDAP connection pooling but it made a wrong assumption that connection pool settings can be provided as env variables. According to [1] and also [2] the LDAP connection pool configuration is done via JVM system properties. Only "com.sun.jndi.ldap.connect.pool" is specified as an env variable. [1] http://docs.oracle.com/javase/7/docs/technotes/guides/jndi/jndi-ldap.html#POOL [2] http://stackoverflow.com/questions/22411967/which-ldap-jndi-provider-pool-settings-are-system-properties-and-which-are-envi Change-Id: I71eb1934a23d658a1801afcd125895c59b69581e * Reduce number of LDAP queries when having multiple accountBases When searching for an account in LDAP we used to first execute one query for each account base and, after that, check if the account was found. For an LDAP configuration with N accountBases this always executed N LDAP queries. In most cases this was not necessary as the account was often found in the first configured accountBase. Check if the account is found after each query and return as soon as it is found. When most users are found in the first configured accountBase this should reduce the number of LDAP queries by a factor of N. Change-Id: I6eced365506ac9a2716cef643b5760b68fc3966d * Improve LDAP login times, transfer 40x less data. When recursively expanding LDAP groups we used to fetch all attributes for each group. In our corporate setup this has been causing a huge amount of data being transfered from the LDAP server to our Gerrit instances. In the tcpdump output I could find a list of all corporate user accounts being returned (probably as an attribute of a group). However, we are really only interested in one attribute. Therefore, ask the LDAP server for this one attribute only. This reduces the amount of transfered data by a factor of 40, in our corporate setup. Change-Id: I74df9064771d174a02f0e4d7cb2c5a994b9d8333 * Configurable ldap.fetchMemberOfEagerly to optimize LDAP login Only query for all groups where the user belongs to if the fetchMemberOfEagerly=true. Since querying for LDAP group membership also performs recursive group lookup, this may save a lot of LDAP requests and traffic on user login. Gerrit instances which use LDAP for user authentication but otherwise rely on local Gerrit groups will want to set the fetchMemberOfEagerly=false. NOTE: Even if we avoid fetching LDAP group membership eagerly on user login, we just postpone querying of the LDAP group membership until the UI asks for all capabilities for this user. This happens immediately after the login. This issue is addressed in the follow up change. Change-Id: I4c33361976d814788dceb58a67c2027b9fd3e8d1 * Lazily lookup LDAP group memberships By deferring LDAP queries until a contains method is called the server can avoid looking up LDAP group information when only internal Gerrit groups are used in access rules. Change-Id: I96ac1894da07e00935ed6182084885a237ac414e * Fix NullPointerException when executing query with --comments option messages method was accesssing the notes member variable directly instead of using the notes method, which will load the notes if not already loaded. Issue: 3210 Change-Id: I4b02f10d75070507cedbe9876a0f7c90944e0e2d * Prevent NPE in ListTasks If the show-queue command is executed while an ls-projects command is executing, NPE occurs in the ListTasks REST API endpoint. Add a null check to prevent this. Bug: Issue 3211 Change-Id: Iea0ad5d1336d258ee2cd898eb5488ef610eb7d0c * OpenID: Remove support for Google Accounts From May 19, 2014[1] Google is no longer allowing new servers to use OpenID API to authenticate user accounts. From April 20, 2015 Google will shut down the OpenID service. Delete Google Account suggestion from the web interface. [1] https://developers.google.com/+/api/auth-migration#timetable Change-Id: Idcf4e5a528e574c0042c897db87ea821fbf89315 * OpenID: Add support for Launchpad on the login form The icon used in the login page is taken from [1] and encoded to base64 using [2]. [1] https://launchpadlibrarian.net/16111289/gem-sm.png [2] http://www.base64-image.de/ Change-Id: I8b3b10b7aef8a6dbae451edc017f9a35c1b9f1a9 * Update cookbook plugin to latest revision - Maven: use same version number for plugin version and API version - Maven: Add missing junit dependency - Consume API version 2.10 Change-Id: Id28b58cfdc329a335b6c26f3eb55c5ecc97e9dde * Point CGit link to new upstream Change-Id: Ib64b9ec1c8e297ef3a8fb2f4e3bb14248bb9785c Signed-off-by: Thomas Schneider <thosch97@gmail.com> * Expose extension point for generic OAuth providers Further development of OAuth authentication scheme support suggested in I86fb8fab3 is to restrict the core to expose only the OAuth extension point and use Gerrit plugin concept for OAuth provider implementations. When multiple OAuth providers are deployed on Gerrit site (from one or multiple plugins) selection page is shown to select OAuth provider per user base (as it's known for OpenID authentication scheme). The only difference is that the user can only select between deployed providers. OAuth logo was borrowed from: http://en.wikipedia.org/wiki/OAuth and http://en.wikipedia.org/wiki/File:Oauth_logo.svg The OAuth logo, designed by Chris Messina Creative Commons Attribution-Share Alike 3.0 Unported license Converted as base64 using: http://www.base64-image.de Source for OAuth protocol description: the same link as above. Bug: issue 2677 Bug: issue 2715 Contributed-by: Luca Milanesio <luca.milanesio@gmail.com> Change-Id: I7da0a6b3f2a99b6188bd14cf2818f673a3ddd680 * Improve performance of ListBranches REST endpoint Branch listing was reading all the refs from the repo and then filtering out any branches that were not refs/meta/config or starting with refs/heads. This extra IO and processing is hard to notice on fast file systems but it's not on slow ones, especially if repo has a lot of refs that do not start with refs/heads (e.g. refs/changes). Rework the branch listing to get only the refs that start with refs/heads from the repo and then add the 2 other branches required: HEAD and refs/meta/config. In one of our repos with 10k branches and 250k changes, this change reduced the branch listing to 10% of the time it took without this change. Change-Id: I0932d06229e6a8cbc9497abcc5b604d2f9a0113b * Fix LDAP authentication for the RFC2307 server type The accountWithMemberOfQuery is only set for the active directory server type. We must not use this query for authenticating against an RFC2307 server type as it is null in this case and no account is found. Honor the fetchMemberOf parameter of the Helper.findAccount only when the accountMemberField is supported for the given LDAP type. Bug: Issue 3201 Change-Id: Ifa58dcf6588b6bcae7c46d1cf793aaecb107aff2 * Fix NPE when indexing changed lines Change-Id: I0256dd2e3b194bf9fe989b196276e1405354ae0e * Improve class naming of group inclusion cache loaders In [1] the inner classes were named with lowerCaseNames. thisIsNotStandard. StandardForClassNamesBeginsWithCaps. [1] https://gerrit-review.googlesource.com/60356 Change-Id: Ia223cb6f010555841fd00be06c56b880968312fe (cherry picked from commit b6b88ebe9c5d85624f0fbb9dfb2c84b9373f9a4d) * Release notes for Gerrit 2.10.1 Change-Id: Ib5317c67ab058f8397ed1c2c353f55f3581217e5 * Set version to 2.10.1 Change-Id: I1bc1d4d6b270fe72c4bb3b7e7e4437e1e136b321 * Allow plugins to use self-provided licenses for used Maven Jars maven_jar only allowed to use licenses that were defined in '//lib:'. But plugins may need further licenses that are not yet in core (E.g.: plugins/its-jira relies on a jar with CPL1.0 license). Since, plugins cannot add rules underneath '//lib:', we add the local_license parameter to maven_jar, which allows plugins to use licenses from ':' instead of '//lib:'. Change-Id: Icc40c413eed65a0b6e3003021050d91086ca4c34 * Allow PatchListLoader to use recursive merger The automerge "base" created on merge commits should use the recursive merger, if it has not been disabled on this server. Switching to recursive allows handling changes that require the virtual common ancestor to be built when multiple merge bases are discovered for the two parents. Change-Id: Ica2daa6bd0a38f7fa1430bed28bd7f54d3bfb2c4 * OAuth: Allow to change username OAuth extension point was derived from GitHub OAuth implementation. Changing of user setting was disabled for GitHub, because it can be induced from the endpoints. Given that other OAuth providers don't expose username it makes sense to allow to change the attributes, as it is the case for OpenID authentication scheme. Inspired-by: Kelly Campbell <kelly.a.campbell@gmail.com> Change-Id: Idc15271b619f11c17c9ea88e611259e5a113b0e5 * OAuth: Allow to link claimed identity to existing accounts One of use cases OAuth plugin based authentication scheme is aiming to support is switch from deprecated OpenID provider to OAuth scheme offered by the same povider. In this specific case the database is already pre-populated with OpenID accounts. After switching the auth scheme to OAuth all existing accounts must be linked to the new OAuth identity. To support linking new OAuth identity to existing accounts, user info extension point is extended with claimed identity attribute. When passed, the account for this identity is looked up and when found new OAuth identity is linked to it. Change-Id: Ia6489762dd370bfbbaa16a7418cd3106d2d1112a * Workaround a RecursiveMerger bug [1], avoid online reindexing failure When performing a mergeability check for two commits which don't have a common parent the RecursiveMerger will fail with a NPE. This prevented the OnlineReindexer from finishing Lucene index upgrade. This issue was also discussed in [2]. Workaround: consider any exception from the RecursiveMerger as an expected error and return false as the result of the mergeability check. Also, never fail the online reindexing when the mergeability check is not able to finish properly. [1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=462671 [2] https://groups.google.com/d/topic/repo-discuss/REYuk4mgIw8/discussion Change-Id: Iea88440a9e25edf9385aba0663779d30e622e4f8 * Update replication plugin * Fix replication_log with external log4j.configuration Change-Id: I3594fa888e408cf5dbfecaf9531941abc019dfc8 * Update JGit to 3.7.0.201502260915-r.58-g65c379e Change-Id: Ib4b994c10d83ffc30e478428545dfb0d1be97dfe * Rework intra line diff to interrupt threads instead of killing them Now that MyersDiff is interruptible[1], interrupt threads instead of killing them when MyersDiff goes into infinite loop. Replace IntraLineWorkerPool that was created to allow killing threads by a standard CachedThreadPool. [1] https://git.eclipse.org/r/44041 Change-Id: I39ceef66f503fb9f0b6036fc32b671818772c258 * Work around MyersDiff infinite loop in PatchListLoader This infinite loop is happening for some files when the PatchListLoader is computing the differences between 2 commits. It first showed up[1] in the mergeability checks done in background and was easy to work around by killing the thread using Javamelody and abandoning the faulty commits. The issue showed up again, when upgrading from 2.9.x to 2.10: the online reindexer getting stuck because of that infinite loop and this time, no easy work around. Use a similar approach that was done in intraline diff to work around the MyersDiff infinite loop. Instead of returning a timeout error message when the infinite loop is detected, fallback to a diff algorithm that does not use MyersDiff. Returning a timeout error was not an option because the failing operation is not always triggered by a user. From the user perspective, the only difference when the infinite loop is detected is that the files in the commit will not be compared in-depth, which will result in bigger edit regions. [1]https://groups.google.com/d/msg/repo-discuss/ZtiCilM3wFA/LijfZ4YkLHsJ Change-Id: Ib00de070dd8df1722d4ade0a83c0ffa8eaa37f8e * OnlineReindexer: log the success/failure numbers on exit When the OnlineReindexer fails to reindex all changes it will not activate the new index schema version. However, it may happen that only there were only a few failures and that activating the new index schema makes sense. Help the admins make the decision whether to activate the new index schema version by logging the success/failure numbers in the error_log. Change-Id: I522e236ab1e9b60d5c3c7c215d8308972db45f70 * Remove unused OAuthToken in authorisation URL When the user needs to be redirected to the OAuth authentication URL for entering their credentials, the session is not active yet and there is no OAuthToken available. There is no value then in having a RequestToken parameter that will always be null anyway. Change-Id: I00fdbd32923a51e0c92e6bc0efff551936ec344f * Add log messages to troubleshoot OAuth/OpenID linking Change-Id: Ic8e13eb570d66e144520c29cd65308ce1f1d15c1 * Do not return 403 when clicking on Gitweb breadcrumb A message "Forbidden" was displayed when clicking on any part of the breadcrumb trail displayed at the top of Gitweb pages. That happened for projects with parent folders because browsing parent folders is not supported by Gerrit. Now when the user clicks on the parent folder, redirect to Gerrit projects list screen with the parent folder path as the filter. Change-Id: I86dfb3f29d8da6ee02efc95470673fe70a1f2d3e * Release notes for Gerrit 2.10.2 Change-Id: Ie1f5c51e498864cbc719f5cd4b1a511f87067381 * Update version to 2.10.2 Change-Id: I1d2c4096151a8451c6cff0dc136eea84808a0779 * Remove stripping # in login redirect The login redirect was set up to strip '#/' when redirecting to the login page. In 2.10, HttpLoginServlet assumed the URL already contained '#/', which means the redirect back to the original page after login would fail. Bug: Issue 3044 Change-Id: I5dc297e31d26006f52f869a63e5b9cc6f9591b21 * Revert "Downgrade SSHD to 0.9.0-4-g5967cfd" All versions of SSHD since release 0.10 were suffering from exhaustion of thread pool. Number of valuable features had to be reverted to downgrade the SSHD version to 0.9. This blocking bug [1] was fixed [2] and released in 0.14.0. Update to the new version of SSHD and revert the downgrade. This reverts commit bde8e9ac6f26a85c1a757ac0fa298f8b0c3c5783. [1] https://issues.apache.org/jira/browse/SSHD-348 [2] https://git-wip-us.apache.org/repos/asf?p=mina-sshd.git;a=commitdiff;h=964e76890cf56da4491199860d0ea8276fbd26a6 Change-Id: Ib5faf1df0cb6bde2e2cd554c9311cc5e55095b04 * Revert "Revert "SSHD: Prevent double authentication for the same public key"" This reverts commit c7dedf989cf1717548b0793490d0be9506c1bc2e. Change-Id: Ic4295ee58db8e0eb8869e526988ac4a3758370ee * Revert "Revert "SSHD: Allow ECDSA based public key authentication"" This reverts commit ef74c883e6cc07c0a55f14960dfc31b0feafc39e. Change-Id: I365c57365b4ea7271f104b8040f951b088cf80ab * Revert "Revert "Allow configuration of SSH rekey values"" This reverts commit 3435c536a6024fc2a92610be452ab4d85ae5268c. Change-Id: I4efe2e209ff05e68d8add596025622e76646bfde * Print proper name for ListenableFutureTask in show-queue command Any Gerrit WorkQueue.Executor that is decorated by a Guava MoreExecutors.listeningDecorator was not printing the proper task name in show-queue command. Even if the task defined a toString method, the toString method of the ListenableFutureTask was called instead. Since the task that we need to call the toString is wrapped into a FutureTask which is also wrapped into a ListenableFutureTask, there is no clean way to call proper toString other than modifying both classes to delegate the toString to task they are wrapping. Modify WorkQueue.Task.toString method to call the proper toString method by reflection when the task is a ListenableFutureTask. Change-Id: I551a89e88c4961b7412ff732bf47e2e3e9f3352f * Print proper name for mergeability check tasks in show-queue command Change-Id: I51e41c5eb52edddd3a7abc72e00cde248b68254d * Don't use deprecated PGPPublicKeyRingCollection constructor The PGPPublicKeyRingCollection constructor was deprecated in Bouncycastle v1.51. Use BcPGPPublicKeyRingCollection instead. Change-Id: If718a6eab13ff991fae3b8334c53f2bc6227f061 * Remove unused imports Change-Id: I079fc5767954d9ac795de459a9174d45825fe5e5 * Fix unused exception throws in EncryptedContactStore Change-Id: I7e3f13699a55e457c498010b9806b60dbf163ad4 * PatchListLoader: Don't use deprecated TemporaryBuffer.LocalFile constructor Change-Id: Iec0cae61e7c47d65278b9fc95328dfda90854e3a * SshDaemon: Don't use deprecated IoAcceptor.dispose() Change-Id: I971a5326c19b0274bfe28f84acff7dc76a664f3f * Revert "Revert "SSH: Simplify CachingPublicKeyAuthenticator implementation"" This reverts commit 48bf33b2ebf58d501d5745a64a76d7b47c85c407. Change-Id: I145d159327796ee524e05cc2019bb355f245a94b * Prevent wrong content type for CSS files The mime-util library contains two content type mappings for .css files: application/x-pointplus and text/css. Unfortunately, using the wrong one will result in most browsers discarding the file as a CSS file. Ensure we only use the correct type for CSS files. This happens because MimeUtilFileTypeRegistry attempts to get all MIME types from mime-util and then sort the result based on the specificity of each type. Since both types have no magic string, only the ExtensionMimeDetector matches. Change-Id: Idfe88dc823f191d9c9e0b9c9da3b5d2ec471f9db * Invalidate OAuth session after web_sessions cache expiration When web_sessions cache is expired, OAuth session preserves it logged in state. This makes new sign-in impossible. Rectify it by checking the states mismatch and invalidating OAuth session when web_sessions cache was expired. GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/5 Change-Id: I3d57193c5af29561fd1fac0804dd19c08a0e9dbe * OAuth: Respect servlet context path in URL for login token Due to a limitation in Jetty [1] we cannot rely on getPathInfo() from web filter and need to strip the context path manually. [1] https://bz.apache.org/bugzilla/show_bug.cgi?id=28323 GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/6 Change-Id: Ie5e82abfc1b03b5be72769e05665ecd6099d2897 * Update revision of the replication plugin - Set connection timeout to 120 sec for SSH remote operations Change-Id: I651e331706d6a8b64bf3470eb9036e65930d160e * Fix NPE in GitWebServlet Bug: Issue 3289 Change-Id: I6c2a9e231343c3790ec913e1bf5de37f319d616a * Release notes for Gerrit 2.10.3 Change-Id: I03e0294f2e0d3beb7cb77e61103ed7b8bfc40509 * Support hybrid OpenID and OAuth2 authentication e9707d8f85 exposed OAuth authentication extension point. Using this extension point plugins can offer OAuth2 authentications. That is fine for new Gerrit sites, which can restrict the auth scheme to OAuth2 only. For the existing sites, that rely on non SSO OpenID auth scheme it doesn't work to migrate to OAuth2 because of diverse contributors base that use different OpenID providers. Not all OpenID providers offer OAuth2 protocol. Particularly, widespread OpenID providers among open source Gerrit communities are Launchpad/UbuntuOne and FedoraProject don't offer OAuth2 protocol. To not lock out those contributors from being able to contribute to open source Gerrit based projects OpenID must still be supported. With Google's shut down of their OpenID service in April 2015, big user base is locked out from contribution to Gerrit based projects that only support OpenID auth scheme. The only way to still support OpenID 2.0 providers and new OAuth2 based protocol is native support for hybrid authentication scheme in Gerrit. This change extends OpenID auth scheme by making it aware of optional OAuth plugin-based authentication. When no oauth-provider plugins are deployed, OpenID auth scheme works as usual. When OAuth provider plugins are deployed, OAuth2 providers are offered on the OpenID login form, in addition to hard coded Yahoo! and Launchpad OpenID providers: [1]. [1] http://imgur.com/IcCrChN Change-Id: I6d70212f4fea5443a6322c7da683e1e943d058eb * Include submitter in ChangeMessage on submission Change-Id: I2136577857b3307ddcd91fa0d77265acd6532ea0 * Update 2.10.3 release notes Change-Id: Ia54e447f55e2884c68994bc2d95e71cf5c6aaa6f * Check reachability from R_HEADS/R_TAGS/REFS_CONFIG when creating branches Creating branches has become a very heavy operation for Gerrit on large Gits with many change-refs. By only taking R_HEADS/R_TAGS/REFS_CONFIG into consideration when checking commit connectivity, the creation time went from 50 seconds to 3 seconds (creation initiated using the UI) on a git with 158k refs (143k refs from patch sets). Change-Id: I386f3456b35c28ffa6580cafbe6901c5d420a47d * Improve the version computation for the release notes The "make -C ReleaseNotes" used to produce a version descriptor like: X.Y (from X.Y-rcN-...) when the ReleaseNotes-X.Y.txt wasn't changed in the vX.Y tagged commit. For example, if we checked out the v2.10 and then built the ReleaseNotes-2.10.txt the version string in the html file was: 2.10 (from v2.10-rc2-...) which wasn't really nice for a final release. I had to change the generated html file manually. Here is an overview of how this change improves the computation of the version string for the ReleaseNotes-2.10.txt file: Checked out | Version (before) | Version (after) ------------+--------------------------+--------------------- v2.10-rc2 | 2.10 (from 2.10-rc1-...) | 2.10 (from v2.10-rc2) v2.10 | 2.10 (from 2.10-rc2-...) | 2.10 master | 2.10 (from 2.10-rc2-...) | 2.10 Only add the "(from N)" suffix if the ReleaseNotes-X.Y.txt is different in HEAD and in the vX.Y. In the "(from N)" string compute the N as "git describe HEAD" instead of describing the last commit where the ReleaseNotes-X.Y was changed. Change-Id: I66aff6cc57cfbd42a332ca19445dedbfbee0b088 (cherry picked from commit 25bd938158aead6583bc1f6c0b64d8b33a657ab1) * Update 2.10.3 release notes Change-Id: I07be2d363b85e0372504b8782fd4be451ed4f486 * Update version to 2.10.3 Change-Id: I2f5be2347f614fbd2016aee9183aa175d408efb6 * Fix broken formatting in 2.10.3 release notes Change-Id: I4ecccf14f5b2f6cf1edb0e408c120025ca673c37 * Release notes for 2.10.3.1 Change-Id: Ia37d71db50b88f624c59eb1815a73689a1613fb7 * Update version to 2.10.3.1 Change-Id: If6e4ad9ae769d261035566ef3c60763f83c5e054 * RestApiServlet: Flush pending padding as well This issue was found by scan.coverity.com (CID 19911) which is a static code analysis tool, free for open source code. Originally it was classified as a resource leak, but this is a miss classification as the auto closing of the OutputStream will flush any pending padding. Change-Id: I4dc2d1cd9f52740490fda7c37e98b115fa59ec3a * RestApiServlet: Leave OutputStream open when flushing base64 padding Some Java servlet containers fail if the response's OutputStream is closed twice by the application. This appears to contradict standard behavior in Java where most streams gracefully ignore extra close. Unfortunately the container is required to power gerrit-review and as such Gerrit needs to try to tolerate its behavior. Wrap the supplied OutputStream delegating all calls except for close(). No-op the close() method so the Java 7 try-with-resources block does not automatically close the servlet OutputStream, leaving this for the caller's finally block. Change-Id: I84bd3c8031580f805d5d4ef5d70f09b89e170450 * Hybrid OpenID/OAuth: Check for session validity during logout GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/9 Change-Id: I17aaed508ef61959a3fc5634d76eb5386305f9a0 * OAuth: Check for session validity during logout GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/9 Change-Id: Id25792cdf6e28ba8d0f97bcc41d8c6409558314e * Bump JGit version to 3.7.1.201504261725-r This version fixed JGit regression, causing severe (>10x) performance degradation on huge repositories (>2GB) on git push and CPU consumption explosion during replication: [1]. [1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=465509 Bug: Issue 3300 Change-Id: I6b1fa985fa3738801d3fa27d690a1c02c1afc1db * Hybrid OpenID/OAuth: Allow to link identity accross protocols This change support all linking directions: * From OpenID to OAuth * From OAuth to OpenID * From OAuth to OAuth TEST PLAN: 1. Set up vanilla Gerrit site 2. Assign auth scheme to OpenID 3. Install gerrit-oauth-provider plugin 4. Configure GitHub or Google provider (or both) 5. Sign in with source identity 6. Click User => Settings => Identities => Link Another Identity 7. Select target identity from the login form 8. Confirm that the target identity is linked to the source identity GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/12 Change-Id: I06e5cfc2ad1dde81050b951c0b7f602461af7992 * Hybrid OpenID/OAuth: Support switching identities Change-Id: Iac0e36c2dd6b8e99a3b99c9594e29cca9bac22ca GutHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/11 * Fix project creation with plugin config if user is not project owner On project creation it is possible to specify plugin configuration values that should be stored in the project.config file. This failed if the calling user was not becoming owner of the created project, because only project owners can edit the project.config file. With this change now it is sufficient to have the 'Create Project' capability to create a project with an initial plugin configuration, even if the creating user is not becoming project owner of the created project. Change-Id: Ifecfeadd425afeff83197b11c97c1c2bbbef8eef * Add '/.apt_generated' and '/.factorypath' to .gitignore These files are not created with Gerrit 2.10, but only with Gerrit 2.11 and newer where these patterns are already ignored. However switching from a new branch >= stable-2.11 to stable-2.10 leaves these files in the working tree so that it is dirty. Change-Id: I50f4069bb8600ed133fc2e0aade7974c6f721b7d Signed-off-by: Edwin Kempin <edwin.kempin@sap.com> * Update JGit to the 4.0.0.201505050340-m2 version 18c4ccd2c3 changed JGit version from the 3.7.0.201502260915-r.58-g65c379e to the 3.7.1.201504261725-r. However, except for the one new commit which the 3.7.1.201504261725-r brought, this was effectively a JGit downgrade. We need to upgrade JGit to a version which contains the fix for the [1] and is a successor of the snapshot version 3.7.0.201502260915-r.58-g65c379e which was used in the 2.10.3.1. [1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=465509 Change-Id: I7b5f21700c6cda20b000e1e55266015f081b66bf * Allow to link user identity to another OAuth provider GitHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/12 Change-Id: I9507d15983cd021ba883afbdf4e526091d55c517 * OAuth: Simplify protocol implementation Change-Id: Ia713593c57d9f68f6fcac8ff3978428052aee5fb * Release notes for Gerrit 2.10.4 This is a fix for >10x performance degradation, caused by this JGit change: [1]. In addidtion some minor fixes for base64 patch download and OAuth2 extension point are also included. [1] https://git.eclipse.org/r/31081 Change-Id: Ia9e190b22e1573a3876db2a87198fca9dd7ea01f * Update version to 2.10.4 Change-Id: I8557fb050b9bebeab2f5999c86c6e947955d5f52 * Set VERSION to 2.10.4 Change-Id: I5b4b519f09e3d9cfefec27db4429a350af64fa08 * Prolog-Cookbook: tidy up rule status descriptions Change-Id: I3fef34f837381b046180c04b726add68c865569a * Fix various spelling mistakes Change-Id: I5fb811eab02d48a649990c6418977915c7dd7430 * Fixed regression caused by the defaultValue feature [1] added support for selecting default values for labels. Unfortunately it also broke the ability to remove labels as described in [2], more precisely by: "To remove a label in a child project, add an empty label with the same name as in the parent." This fix make it possible to push empty labels in project.config to refs/meta/config again. Without it, the following error is returned by gerrit: 'project.config: Invalid defaultValue "0" for label ...' [1] https://gerrit-review.googlesource.com/#/c/55750/ [2] https://gerrit-review.googlesource.com/Documentation/config-labels.html#label_custom Change-Id: Icd727f64cb7a904957a2acc5143fe801653cfabe * Bump JGit to v4.0.0.201506090130-r This JGit version includes the bugfix [1] which is an attempt to fix the "Cannot read project" issue in Gerrit, as discussed in [2] and [3]. This version of JGit also removes the 'release()' method in many interfaces/classes in favor or the implementing the AutoCloseable interface. In stable-2.10 we just replace all usages of the release() method with the close() method. Refactoring the code to make use of the AutoCloseable in stable-2.10 would be a larger change which wouldn't justify itself as we don't expect any major development in stable-2.10 and the usage of AutoCloseable in the master branch is already done. [1] https://git.eclipse.org/r/48288 [2] https://groups.google.com/forum/#!topic/repo-discuss/ZeGWPyyJlrM [3] https://groups.google.com/forum/#!topic/repo-discuss/CYYoHfDxCfA Change-Id: Ie540296238e3bbaf453c9e29426825431e15d423 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> * Release notes for 2.10.5 Change-Id: I3b78cd335a2766cb710c5a2fbfebcad734f391b5 * Update version to 2.10.5 * Fix license generation Broken by d8af092c0a37025d84ced45903af2e52048d387e dropping the license dependency from JARs by accident. Change-Id: I64fcb042ee65dc554353b58bce22f9d1462985e2 (cherry picked from commit c535dd6e231821a940ef692ca36d8182b30ff80c) * Release notes for Gerrit 2.10.6 Change-Id: I49b5094db78ca28e0ae56732670e9f0f62b310b2 * Update version to 2.10.6 Change-Id: I2e41f2b6044563f4f63324fa50ad8ed3145d8c24 * PatchListLoader: Synchronize MyersDiff and HistogramDiff invocations To overcome MyersDiff endless loop problem, the computation thread can be interrupted and set to cancel with Future.cancel(boolean) method. However it cannot be assumed that after this method returns the thread is terminated. When the system is under heavy load or/and the thread in question is in a tight loop, it won't stop. It can be seen with this instrumentation change in JGit: [1] with the corresponding dump [2]. Synchronize the MyersDiff and alternative HistogramDiff algorithm invocations to prevent pack file corruption, as WindowCursor.inflate() method isn't synchronized. [1] https://git.eclipse.org/r/#/c/57583 [2] http://paste.openstack.org/show/475785 Bug-JGit: https://bugs.eclipse.org/bugs/show_bug.cgi?id=467467 Bug: Issue 3361 Contributed-By: Khai Do <zaro0508@gmail.com> Change-Id: I4516bcc2c41792acdb8174cb9d3cc198ddfaf8ef * Set version to 2.10.7 Change-Id: Ifaa53d31ae88211d069e35d699e6a2ad5cc6c8f6 * Release notes for Gerrit 2.10.7 Change-Id: I18096e6ed7b86206f4287ba3445d631994571ac9 * Fix link in 2.10.7 release notes The "bug report on JGit" was actually pointing to a change on the Eclipse review server, and not the bug report. Change-Id: I833e37bf775c1f0153a370b239e7acbe3155bec5 * Update JGit to latest 4.5.x release JGit releases older than 4.5 are known to be prone to issues with MissingObjectExceptions. Change-Id: Ia9099a5ac8fcbaf873e3354b5a47d2178c97444a Signed-off-by: Edwin Kempin <ekempin@google.com> * Set version to 2.10.8 Change-Id: I31bb360d26502a46faa74f0ca47e53e227c3b113 * Add release notes for Gerrit v2.10.8 Change-Id: I083658b124db4891343083a95cfc114437b8ce44
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Logging out a session which was authenticated before a restart gives me:
It doesn't seem to cause any problems.
The text was updated successfully, but these errors were encountered: