Gerrit 2.0.7 is now available in the usual location:
Of note is the WAR file doubled in size. This is due to the switch to openid4java for the OpenID relying party implementation, as it is more compliant to the OpenID 2.0 draft standard than the prior relying party, dyuproject.
Installation of openid4java may require installing Xalan/Xerces from the WAR into your application container’s secure classes directory or something equally obtuse. Under stock Jetty it still works fine to just drop the WAR in. If you aren’t using Jetty and are using OpenID authentication, be warned, the upgrade may be a bit harder than just dropping the WAR in due to Xalan/Xerces issues.
Gerrit is still Apache 2/MIT/BSD licensed, despite the switch of a dependency.
New Features
-
GERRIT-103 Display our server host keys for the client to copy an…
For the paranoid user, they can check the key fingerprint, or even copy the complete host key line for ~/.ssh/known_hosts, directly from Settings > SSH Keys.
Bug Fixes
-
GERRIT-98 Require that a change be open in order to abandon it
-
GERRIT-101 Switch OpenID relying party to openid4java
-
GERRIT-102 Never place an OpenID provider into an iframe
These are fixes suggested by the OpenID team at Google, or by the security team at Google.
-
Use a TOPO sort when processing commits in the merge q…
-
Upgrade JGit to 0.4.0-236-gcb63365
The upgrade of JGit should resolves issues relating to not being able to upload a merge commit change for review when merging in an upstream change that is already available under another tracking branch. Multiple groups have reported this problem late last week.
-
Fix a NullPointerException in OpenIdServiceImpl on res…
Other Changes
-
Start 2.0.7 development
-
Upgrade JGit to 0.4.0-212-g9057f1b
-
Make the sign in dialog a bit taller to avoid clipping…
-
Define our own version of a URL encoding helper
-
Refactor the openid_identifier field name to be a cons…
-
GERRIT-102 Simplify the OpenID login code now that the iframe is …
-
Sort request parameters during OpenID response handling
-
Shorten our OpenID return_to URL by removing unnecessa…
-
Honor the "Remember Me" checkbox when it comes to cook…
-
Remove the now dead SetCookie.html page
-
Don’t ask for registration information on existing acc…
-
Disable spell checking on the SSH key add text area
-
Hide the SSH key add field if we already have keys reg…
-
gerrit 2.0.7