| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Release-Notes: skip
Change-Id: I761ffa6a464a58e616cb282beba0ca950a257030
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-3.3:
Set version to 3.3.11-SNAPSHOT
Set version to 3.3.10
Ignore '--no-limit' query changes option for anonymous users
Release-Notes: skip
Change-Id: I323b6708075bbe54624d72f39a5a3e39fb0856f4
|
| | |
| |
| |
| |
| | |
Release-Notes: skip
Change-Id: Iffa172335f1347e466349d54ef1ede871aaa7dfb
|
| | |
| |
| |
| |
| | |
Release-Notes: skip
Change-Id: Ifad11be501dcec40077e4b5e201c9fe7d10307e4
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adding 'no-limit' option to query changes REST API can result in
substantial resources usage. This change ensures that it cannot be used
(or abused) by anonymous users.
Notes:
* one can still configure them to request unlimited results by setting
'Query Limit' Global Capability to Integer.MAX_VALUE for 'Anonymous
Users' group
* 'no-limit' option is only a part of query changes API hence accounts,
groups and projects are not affected by this change
Release-Notes: Ignore '--no-limit' for anonymous users change queries
Change-Id: Ic789690ffd2f94f02989c2906fcd75e442df86f8
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-3.3:
Show HTTP(S) message in Missing Change ID Error message
Update reload4j to 1.2.19 and slf4j to 1.7.36
Move SLF4J to nongoogle.bzl
Separate reviewer-recipients from project-watch-recipients
Restore Java 11 binary bytecode for releases to Maven
Release-Notes: skip
Change-Id: I194e44a9939a89fb06a37eacf780e0461100631c
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
reload4j 1.2.19 fixes
- CVE-2022-23305
- CVE-2020-9488
slf4j 1.7.36 updates its reload4j integration to reload4j 1.2.19
Release-Notes: Update reload4j to 1.2.19 and slf4j to 1.7.36
Change-Id: I6b00f94b644cacc777d7b92f85e26bec44b9e40d
|
| | |\ \
| | |/
| |/| |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The assumption that the existence of the SSH host key means that
all users use SSH protocol is incorrect, since some might use HTTP
protocol.
Since a CommitValidationListener doesn't know which protocol was
used, provide both SSH and HTTP variant of the command to install
the commit message hook.
Release-Notes: skip
Change-Id: I10ae721315de8afb964e720033e2d6498bce3e55
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Gerrit core and all plugins used by Google migrated to Flogger so that
Gerrit at Google no longer depends on SLF4J. Hence the SLF4J version
doesn't need to match the SLF4J version that is used at Google.
Signed-off-by: Edwin Kempin <ekempin@google.com>
Change-Id: I40ff875a33aa628eef5f387e22768665188b434f
Release-Notes: skip
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To ensure that project-watch emails are sent regardless of other
notfication configurations. Without this fix you will not get any
email notifications for watched projects when you have set
"Only when I am in the Attention-Set" and you are outside of
the attention-set.
Release-Notes: Fixed lost watch notifications when attention-set-only is configured
Bug: Issue 14912
Change-Id: I0707c588f23f13c617cdfb565171adff12833ea9
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The switch to Java 8 as the default java toolchain in
Change-Id: Ieb0d627ce5f4 has missed that the Maven
release script generation was relying on the default
toolchain for publishing.
Introduce the Java 11 toolchain as the target for publishing
to Maven, so that the binary bytecode can be restored
as it was expected for all current v3.3.x versions.
Release-Notes: skip
Bug: Issue 15759
Change-Id: Ia4c29d1db800220cdbc4f1c015fdec9bd552188b
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Update plugins/replication from branch 'stable-3.4'
to 44171b65a0c1c390764cdd045aff1cd138c4b802
- Ensure states are updated for canceled replication tasks
When using 'replication start --wait' we need
ReplicationState.waitForReplication() to return when the task we're
waiting on has been canceled, either through an admin action or because
the replication distributor determined another node already completed
it.
Add a couple tests for PushAll that confirm this behavior was previously
broken and is fixed now.
Change-Id: I36320ae079af5d7673e05d20ddc94b42a9b04347
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-3.3:
config-gerrit: Fix 'database' references
Remove leftover receive.changeUpdateThreads references
config-gerrit: Remove extra list continuations
Change-Id: Ia5ee3ed9473f4f48bba55f5e8f0f413b322cb083
Release-Notes: skip
|
| | |
| |
| |
| |
| |
| |
| | |
These were missed in the NoteDb conversion.
Change-Id: I1d223e19b2e0771a9ddf3f9aaf8ca4fa04b6c9c3
Release-Notes: config-gerrit doc fixup
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Change I8c435856c5 removed the dead code that used this config, but
missed removing the config from the docs and tests.
Change-Id: I2dbd2e93b334fdc7ea4f3abdb88a27c904ab48c0
Release-Notes: Remove non-existent receive.changeUpdateThreads setting from docs and tests
|
| | |
| |
| |
| |
| |
| |
| | |
Also add a blank line where one was missing.
Change-Id: I141347972e835d9797d6801a259b6587abb180c5
Release-Notes: config-gerrit doc fixup
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It seems that when we were refactoring this change to address review
comments we accidentally swapped out the ${hash} replacement for a
revision replacement. Fix this by swapping it back to a hash replacement
which was the intended behavior.
Note we skip release notes as this addresses a bug in a recent change
that should have accurate release notes already.
Release-Notes: skip
Change-Id: I0b1c56d9aa80b0014e26f2a2385df90b1f5ae413
|
| |\ \
| | |
| | |
| | | |
stable-3.4
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Gitweb file links interpolate ${commit} but this may be the ref rather
than the commit hash when interpolating file links. This is problematic
because some gitweb like systems (in this case gitea) rely on the hash
rather than the ref path.
We address this by adding a new ${hash} interpolation value that will
always be the sha commitId value in the file links. We don't change the
value of ${commit} as it appears gitiles may rely on the current
implemenation and there may be other implementations out there relying
on the current values for that variable.
Bug: Issue 15589
Co-Authored-By: David Ostrovsky <david@ostrovsky.org>
Release-Notes: Add SHA-1 hash variable to gitweb file links
Change-Id: Ifabc2c27c62cd55a7b8d43cfa43f6dc1539423eb
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-3.3:
Fix gerrit ls-members --recursive
Fix gerrit ls-groups flag in documentation
Bazel: Use Java 8 per default to guarantee source level compatibility
Release-Notes: skip
Change-Id: I6501e5fbeb13c35c4e40efdf2d1420c9d4425a62
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Id3ec26677 introduced a regression to the ls-members SSH command that
caused it to ignore the --recursive flag. This was caused by replacing
apply() with getDirectMembers() which only looks at direct membership
and not transitive membership.
To fix this we update the parent restapi class to include a getMembers()
method that inspects the recursive flag and applies the correct
memerbship lookup method.
Release-Notes: Honor --recursive option on ls-members command
Change-Id: I7379be1a99b58e32da0e1fc518c774ea65ae8e88
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In Gerrit 2.14 the -q flag to ls-groups was deprecated in favor of the
-g flag. With change I1a1bdbbcd -q has been removed and -g must be
used. The docs were never updated fix this.
It is worth noting that there may be other flags that should be added to
the docs as it appears the rest api defines what we can pass in here. I
have not confirmed this, but a docs audit for incorrect or missing flags
may be worthwhile.
Change-Id: If9ea99724f182641bf349ce7faaa24f43d988bd6
Release-Notes: Fix gerrit ls-groups flag in documentation
|
| | |\
| | |
| | |
| | | |
compatibility" into stable-3.3
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
At the time the change 264535 was submitted, that switched Java default
to Java 11, not all Gerrit users were ready to abandon Java 8
compatibility. To provide Java 8 compatibility it was decided to perform
CI verification with Java 8, by overriding the java toolchain option
on GerritForge CI (core build) and Zuul (plugins build).
Today the situation is different. Starting from stable-3.5 branch Java 8
compatibility has been dropped. Still we guarantee the Java 8
compatibility on stable-3.3 and stable-3.4 branches. To achieve this,
the java toolchain option is overridden on stable-3.3 and stable-3.4
branches on the CI.
To simplify the build toolchain and the CI configurations, we would like
to rely only on the default java toolchain (provided in .bazelrc) to be
the minimum guaranteed compatible Java version (on each branch).
That way the default bazel invocation:
$ bazel build :release
would always provide the desired result per default.
This change should be reverted when merged up to stable-3.5 branch.
To summarize:
before this change is submitted, the situation is:
stable-3.3: default toolchain: Java 11, guaranteed compatibility: Java 8
stable-3.4: default toolchain: Java 11, guaranteed compatibility: Java 8
from stable-3.5: default toolchain/guaranteed compatibility: Java 11
after this change is submitted, merged to stable-3.4 branch and reverted
started from stable-3.5 branch, the situation is:
stable-3.3: default toolchain/guaranteed compatibility: Java 8
stable-3.4: default toolchain/guaranteed compatibility: Java 8
from stable-3.5: default toolchain/guaranteed compatibility: Java 11
Change-Id: Ieb0d627ce5f4d2753fe637fb67123e6431796940
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The new test reproduced the endless loop that was fixed by change
Ie922c8db1. Without the fix the change creation via push fails with an
internal error due to the stack overflow.
Signed-off-by: Edwin Kempin <ekempin@google.com>
Change-Id: I4112cfc455940d0f1a019f825b0dd85e8c6a221f
Release-Notes: skip
|
| |\| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If a Prolog rule fails to load and PrologOptions#logErrors() is true
(which is e.g. the case if the request is being traced) there was an
endless loop in PrologRuleEvaluator:
1. typeError(String, Exception) is invoked which logs the exception and
then calls typeError(String) with DEFAULT_MSG as parameter
2. typeError(String) delegates to typeError(String, Exception) with the
exception parameter being null which brings us back to 1.
The issue was introduced by change I018ce9e13.
Signed-off-by: Edwin Kempin <ekempin@google.com>
Change-Id: Ie922c8db1ffa51275865f7dfe3432462995b5c84
Release-Notes: Fix endless loop when handling Prolog type errors
|
| |\ \ \ \
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
* stable-3.3:
Bazel: Fix building gerrit on older python3 versions
Change-Id: I2aaa49fad9d52c1ff596f136b27c414c7d384f1a
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Zuul build pipeline is using discontinued Python 3.5 release. Starting
from Python 3.6 json.loads() accepts byte array: [1]. That's why the
current code works on Python 3.6+ versions.
Make the code compatible with older Python releases and decode the byte
array prior to passing the input to the json.loads() method.
[1] https://docs.python.org/3/whatsnew/3.6.html#json
Bug: Issue 15667
Change-Id: I1019556e12e2477e82edf7fa63bda917cd011215
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* changes:
Revert "Bazel: tag no_rbe //javatests/com/google/gerrit/git:medium_tests"
Revert "Bazel: Add no_rbe tag to test rules that cannot be run on RBE"
Bazel: Use custom Ubuntu 18.04 image for RBE
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit 30ab2cbde949b751a3fd7e53660acbdd11bfb294.
Reason for revert: JGit regression was fixed and tests can be re-enabled
on RBE.
Change-Id: Idf4f7843ac9d6850d83eebb53ec050cfcdaf50a6
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit 7affcb65f8ed4066da220ee5cdb8b990709b75c2.
Reason for revert: JGit regression was fixed and tests can be re-enabled
on RBE.
Change-Id: I63967d5fbdef5e9cc556910251f0c1ff35fe227c
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Due to outdated git version in Ubuntu 18.04 releases, custom built
docker image must be used for RBE.
Switch to using new release of rbe_autoconfig 3.0.0, that is using
the new published docker image with git-core version 2.34.1.
Git protocol V2 tests in RBE environment can be re-enabled in follow-up
change, that reverts addition of no_rbe tag to git protocol V2 tests.
Bug: Issue 12486
Change-Id: Ic64102766a2667b31c73d1b09957c0ba9aa74c70
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this update to current stable-5.12 contains the following changes:
78d4fb1ca UploadPack v2 protocol: Stop negotiation for orphan refs
fed0ab9ba Use FileSnapshot without using configs for FileBasedConfig
7828ef349 Revert "RefDirectory.scanRef: Re-use file existence check done in snapshot creation"
994434a1c Add missing @since tags
2e5110eda Add missing @since tag
8924b14d3 Add missing @since tags
f8f4357d6 Remove unused import in ApacheSshTest
f1547eec0 Update maven plugins
fe3071f0e Ignore missing javadoc in test bundles
38db89142 storage: file: De-duplicate File.exists()+File.isFile()
f829f5f83 RefDirectory.scanRef: Re-use file existence check done in snapshot creation
5606a5315 FileSnapshot: Lazy load file store attributes cache
09c923073 Update eclipse-jarsigner-plugin to 1.3.2
c213a6628 Fix p2 repository URLs
122237439 FS: debug logging only if system config file cannot be found
6aa29d116 Better git system config finding
4f8d43462 Fix target platforms
d160e8a93 Fix missing peel-part in lsRefsV2 for loose annotated tags
5f8c48413 reftable: drop code for truncated reads
b4782d74f reftable: pass on invalid object ID in conversion
9c3190ce7 Update eclipse-jarsigner-plugin to 1.3.2
283c23012 Fix running benchmarks from bazel
c70c0acb4 Update eclipse-jarsigner-plugin to 1.3.2
d160e8a93 should fix Issue 14861
Bug: Issue 14861
Change-Id: I5201e8a8b0ca1d0ebfb4bacffbaa13224202575b
|
| |\ \ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Prior to this change we never evaluated createSignedTag permissions
because the condition to check those permissions could never be true.
This was due to an update in JGit [0] that removed the GPG signature
from signed tag messages.
We fix this by directly getting the gpg signature instead and checking
if it is null. If it isn't we evaluate createSignedTag perms otherwise
createTag.
For anyone running into this that cannot apply the fix or needs a
workaround that can be done by relying on createTag permissions for now.
[0] https://gerrit.googlesource.com/jgit/+/dd3846513bbc682b9c51b09d369687ab7a036a49%5E%21/
Bug: Issue 15616
Change-Id: I4ce26a62b7caa804a52371c82d889f462b29c6e4
|
| |\ \ \ \ \
| |/ / / /
|/| | / /
| | |/ /
| |/| |
| | | |
| | | | |
* stable-3.3:
Bump reload4j to 1.2.18.1
Change-Id: Ib3615971ef6b211555d31ec8b4c54b0a8b8ac0a0
|
| | |\ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This release includes a number of additional security fixes. More
details can be found on their mailing list [1].
[1] http://mailman.qos.ch/pipermail/reload4j/2022-January/000033.html
Change-Id: I41e911e0d431ed65504ebda0ed52f3161f47a3a2
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* stable-3.3:
Bump SLF4J to 1.7.33 for including Reload4J binding
Change-Id: I2646f2787f233345133d19e8391b402c55b7c4f1
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The SLF4J's MDC has been broken since the swap
of Log4J with Reload4J done in Change I1d01ab0a5d3a.
Although Reload4J is supposed to be a replacement for Log4J
some of its internals are different with regards to the
MDC's initialization.
SF4J assumes that the MDC's structure is the one implemented
in Log4J; however, when the Reload4J classes are used, it\
fails with java.lang.NoSuchFieldError: tlm.
The failure is subtle because it appears only when one of
the classes Gerrit's plugins directly refers
to the MDC. The Gerrit build instead does not instantly
fail, even if there is a mismatch of SLF4J binding.
The SLF4J project has created a specific binding for Reload4J
that is available from v1.7.33 (see [1]), hence the bump
of release and the swap of Log4J with Reload4J also on the
binding side.
[1] https://mvnrepository.com/artifact/org.slf4j/slf4j-reload4j/1.7.33
Bug: Issue 15590
Change-Id: Icef4a845d5a9539e396698853e810334ea6b036b
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* stable-3.3:
Make default CacheBasedWebSession maxAge public
docs/note-db: fix asciidoc link markup
Change-Id: Ic6c83739d2927429ec264e89f3c7de40976d6191
|
| | |\ \ \ \
| | |/ / /
| |/| | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change the visibility of CacheBasedWebSession.MAX_AGE_MINUTES from
protected to public, in order to allow plugins to read this value
directly rather than duplicate it.
For example, websession-flatfile needs access to this value in order to
match the default of cache.web_sessions.maxAge when performing clean up
(see [1]).
[1] https://gerrit-review.googlesource.com/c/plugins/websession-flatfile/+/328562
Change-Id: Ib514e4e6a78b5c11f2e0dc9467c0869f8cdf3473
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: I820829748a295d2366e554177515c1ec9ce738ec
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* stable-3.3:
Update from log4j:log4j:1.2.17 to ch.qos.reload4j:reload4j:1.2.18.0
Change-Id: I907fb288731937634b9842cdc1058b03f9b7e364
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
into stable-3.3
|
