I have pushed some work-in-progress to https://gerrit.wikimedia.org/r/#/c/8906/
and unfortunately, this gives a Not Found message.
The commit itself is perfectly visible via gitweb:
Version: unspecified
Severity: normal
URL: https://gerrit.wikimedia.org/r/#/c/8906/
+upstream?
As far as I understand it, drafts are designed to be hidden by default except by the owner and anyone added to the review list (which makes them awesome for security fixes, but awful for a "hey everybody look at this idea")
Drafts are supposed to be private. They're only visible to the submitter and
any reviewers the submitter has added.
The fact that gitweb shows drafts is a serious bug: we thought they were private so we used them for security fixes in the past.
(In reply to comment #2)
Drafts are supposed to be private. They're only visible to the submitter and
any reviewers the submitter has added.
Yes, that's the intended behavior. But being able to make a draft public (without putting it in the review queue) would be nice to have.
The fact that gitweb shows drafts is a serious bug: we thought they were
private so we used them for security fixes in the past.
Yes, that's much worse. Should be reported upstream for sure.
Reported as issue 1423.
This issue is private, as I reported it under the security category.
Relevant link (if it's not considered as security issue or for myself): http://code.google.com/p/gerrit/issues/detail?id=1423
How do you make draft patchset?
Oh, and I have a number of comments about it, Martin (but can't leave them there).
(In reply to comment #5)
How do you make draft patchset?
Instead of pushing to HEAD:refs/(for|publish)/branchname, you use HEAD:refs/drafts/branchname
You can use "git review -D" to push it via git-review. "git review -d <id>" and resubmitting work as expected.
Hi, I got the following reply:
WONTFIX
"We can't make gitweb filter what is visible. If all references are visible in the repository, gitweb is available, and the user can see anything in the repository,
including drafts that are held by the repository.
This is also true over the native Git protocols. Users can see the refs/changes/... entry for a draft change/patch set even if they can't see this in the Gerrit UI."
So is someone have some ideas to offer a solution to fix that ourselves or should we live with this knowledge, don't use it for security bugs and close this bug in RESO WONTFIX also?
WONTFIX or start arguing that drafts should be public indeed (as "work in progress/do not submit" for example - see also bug 37712). Nothing in Gerrit is set in stone right now and even some basic concepts evolve.
Drafts SHOULD be public to anyone which can view the repository changes. That's exactly what draft suggests to me.
There could also be something similar to the current draft, such as HEAD:refs/private/branchname
But 'public drafts' should exist.
wicke wrote:
One more vote for public drafts from me. I recently tried the drafts feature to discuss ideas and was surprised that the links returned 404s for others. We should optimize for the common (public) case rather than the rare (private security patches).
If this is still wanted, somebody will have to find or file a request upstream in https://code.google.com/p/gerrit/issues/list .
For Wikimedia itself this is currently WONTFIX but we'd get the functionality once it's fixed upstream and we deploy a new Gerrit version that includes the fix on the Wikimedia servers.