Changelog

Enhancement

Stop allowing configuration of the agent protocols list. pull 9903
The agents online/offline status and icon can now be influenced by the offline cause, giving better information to users. Clarifies some use cases when an agent was offline by design and not because of a configuration or technical error. pull 9883
Developer: Calls to Nodes#setNodes now notify NodeListener implementations. pull 9905

Bug fix

Fix end of life operating system monitor that shows 2099-12-31 on the first day a warning should be displayed. JENKINS-73845

Enhancement

Modernize ComboBox component. pull 9462
Refine content and appearance of the project Configure screen. pull 9734

Bug fix

Retain user generated offline reason when agent connects or disconnects for technical reasons. JENKINS-30101

Enhancement

Show a notification when scheduling a build fails. JENKINS-73813
Refine content and appearance of the Edit View page. pull 9833
Upgrade Winstone to 8.2 in order to update Jetty from 12.0.13 to 12.0.14. pull 9841, Jetty 12.0.14 changelog, Winstone 8.2 changelog
Retain user-generated offline reason when agent connects or disconnects for technical reasons. pull 9855, JENKINS-30101 , JENKINS-30175
Developer: Add a new taglib saveApplyBar for configuration forms. pull 9813

Bug fix

Ignore values with incorrect types when deserializing collections and maps in XML files. JENKINS-63343
Remove trailing space from Windows agent secret file instructions. JENKINS-72979
Do not allow builds to be deleted while they are still building. Ensure build discarders only process builds which have fully completed. JENKINS-73835

Enhancement

Refine Administrative monitors interface. pull 9735
Developer: Add a new method SaveableListener#onDeleted so that plugins can be notified when a Saveable is deleted. pull 9743
Developer: Improve Content Security Policy compatibility by removing an eval call from JS. Require syntactically valid JSON snippet to be returned from MarkupFormatter#getCodemirrorConfig / provided to codemirrorconfig in f:textarea. JENKINS-71515

Bug fix

Restore compatibility with plugins calling Jenkins#doSafeRestart(StaplerRequest, String). JENKINS-73838
Restore compatibility with plugins contributing new views with custom XML, like Nested Views plugin. JENKINS-73801
Wait for ongoing Pipeline builds to fully complete before allowing their parent job to be deleted. JENKINS-73824
Migrate from http://updates.jenkinsci.org to https://updates.jenkins.io when the initial installation version was 2.76 or older. JENKINS-73760
Wrap long lines in the build history. JENKINS-73437
Developer: Prevent an old version of ASM from appearing as a managed dependency in plugin builds. pull 9827

Security

Security fixes. security advisory

Enhancement

Developer: Add ExtendedReadRedaction extension point to allow plugins to redact content from config.xml files served via API or CLI to users with Extended Read permission. SECURITY-3373

No notable changes in this release.

Enhancement

Refine content and appearance of the user account screen. pull 9521
Use Notice component for views lacking jobs. pull 9724
Update appearance of Jenkins is starting pages. pull 9707

Bug fix

Restore compatibility with plugins contributing new objects with context menus, like Nested Views plugin. (regression in 2.475) JENKINS-73785
Prevent unnecessary horizontal scroll bar in Firefox. JENKINS-73695
Make deserialization of Map fields in XML files more robust. JENKINS-73687

Bug fix

Restore compatibility with the OpenId Connect Authentication and Reverse Proxy Authentication plugins (regression in 2.475). pull 9696
Validate display name only against items in the same ItemGroup. JENKINS-72988
Correct styling for plugins that can't be disabled in plugin manager when user has system read permission. pull 9463

Enhancement

Developer: Add a new listener when a computer becomes idle. pull 9673

Enhancement

Upgrade Spring Framework from 5.3.39 to 6.1.12, upgrade Spring Security from 5.8.14 to 6.3.3, and upgrade Java EE from 8 to 9. Users of the LDAP plugin must upgrade it to version 733.vd3700c27b_043 in lockstep with upgrading Jenkins core. Users of the CAS plugin must upgrade it to version 1.7.0 in lockstep with upgrading Jenkins core. Users of third-party servlet containers must upgrade the servlet container to an EE 9 version in accordance with the Jenkins Servlet Container Support Policy. Spring Framework 6.0.23 release notes, Spring Framework 6.1.12 release notes, Spring Security 6.2.6 release notes, Spring Security 6.3.2 release notes, Spring Security 6.3.3 release notes, Jarkata EE 9 release page, LDAP plugin 733.vd3700c27b_043, CAS plugin 1.7.0, Servlet Container Support Policy, pull 9672, JENKINS-73278
Add escape hatch for authenticated user access to Resource URL. JENKINS-73422
Better display HTTP handshake errors (such as authentication issues) from the CLI in webSocket mode. pull 9591
Don't change unrelated checkboxes in rowSelectionController. JENKINS-73669
Use websocket in the inbound agent command line sample. pull 9665
Move doCheckDisplayNameOrNull from AbstractProject to TopLevelItemDescriptor to allow reuse in pipeline. pull 9150

Bug fix

Update dashboard to remove white space in widths over 900px. JENKINS-73695
No longer printing verbose and uninformative messages to $JENKINS_HOME/logs/tasks/Periodic background build discarder.log. JENKINS-73692

Enhancement

Allow all builds to be removed by the build discarder. JENKINS-68822
Allow plugins to customize maximum number of suggestions in autocomplete text fields. pull 9616

Bug fix

Fix dropdown and tooltip brightness on HDR displays. JENKINS-73330
Fix the appearance of the Plugin Manager actions dropdown. JENKINS-73668
Restore margins around setup wizard alert messages (regression in 2.459). JENKINS-73302
Prevent backdrop color from affecting dialogs that appear above the backdrop. pull 9649
Refresh build history widget in all cases, including on background tabs or hidden tabs. JENKINS-73613

Enhancement

Remove obsolete RekeySecretAdminMonitor. JENKINS-73597
Use dropdown component for autocomplete fields (instead of YUI framework). pull 9453

Bug fix

Remove trailing backslash from 'Keep this build forever' hover text. pull 9625

Enhancement

makeButton creates jenkins-buttons on the fly instead of using YUI. JENKINS-73563
Upgrade Jetty from 10.0.22 to 12.0.12. JENKINS-73130
Modernize project relationship page. pull 9461
Clarify that the plugin incompatibility message applies to the current plugin. JENKINS-73495

Bug fix

fix IndexOutOfBoundsException in cloud management pages when controller has no executors (regression in 2.463). JENKINS-73554
Fix "New Item" page layout if no icon is defined for an item (regression in 2.453). JENKINS-73586

Security

Important security fixes. security advisory

Enhancement

Developer: HttpResponse exceptions such as Descriptor.FormException are now rendered properly from @DataBoundConstructors. pull 9495
Add end of life dates for Alpine 3.20, Ubuntu 24.04, and Fedora 40. Correct several end of life dates, including CentOS 8. pull 9501
Avoid unnecessary download of bundled plugins during the setup wizard. pull 9476
Scroll fields from added heterolist entry into viewport. pull 9488

Enhancement

Modernize the build time trend page with a time since column, a link to the console, and allow the table to be resized. Remove the agent column from the Pipeline build trend page. pull 9465
Exit the process immediately upon a boot failure when using ExitLifecycle. Allow custom lifecycles to react similarly. pull 9483
Display the source URL in logs when installing a plugin. pull 9449
Add a user experimental flag to run Jenkins without the YUI JavaScript library. Plugin authors should enable this flag and fix any issues that result from the removal of the YUI library. pull 9489
Form validation now works for SecretTextArea fields. SecretTextArea documentation, pull 9450, JENKINS-73404

Bug fix

Change icon size in table when resizing the table. JENKINS-73453
Fix the hudson.slaves.SlaveComputer.allowUnsupportedRemotingVersions escape hatch, which was previously not working with inbound agents. JENKINS-73467
/queue/item/nnnnn/ URLs (with no api/… suffix) now return a 200 text/plain response to emphasize that the queue item does exist but that you would need to construct a specific query to find out more. JENKINS-66105

Major enhancement

User properties are now categorized in different pages. JENKINS-69869

Enhancement

Allow some administrative monitors to be displayed for users with Overall/MANAGE permission. pull 9437

Enhancement

Increase the minimum required Remoting version to 3107.v665000b_51092 (released on February 2, 2023). pull 9440

Bug fix

Fix download of .tar.gz artifacts in Firefox (regression in 2.463). JENKINS-73381
Fix the release build that failed due to breaking changes in the Maven Release plugin. Downgrade Maven Release plugin from 3.1.0 to 3.0.1. Maven Release Plugin MRELEASE-1151, parent pom PR 576, pull 9430

Bug fix

Jenkins 2.465 was not placed in the artifact repository or on the download site.

Enhancement

Refine tables and tabs with reduced padding, rounded corners to match cards, and borders that are visible in dark mode. pull 9411
Align font weights and font sizes. pull 9393

Enhancement

Require Java 17 or newer. Announcement blog post, pull 9358
Update the design of the build history widget. pull 9148
Refine radio inputs. pull 9380
Refine form controls appearance. pull 9365
Remove some usages of the YahooUI framework in the user interface. pull 9395
Update Stapler from 1880.vb_6d94a_3b_05db_ to 1881.vd39f3ee5c629 and Winstone-Jetty from 6.19 to 6.20 to let Jetty handle HTTP response compression. A new command line option compression can be used to disable compression if desired. pull 9379
Remove idle executors from widget. pull 9177
Provide a global configuration option, "Computer Retention Check Interval", to adjust the latency period for checking offline agents. Administrators can trade elevated CPU usage from frequent agent checks for responsiveness to capacity needs. An "In demand delay" of zero on the agents reduces the time to enable an agent by checking status more frequently. JENKINS-14789
Remove Windows path traversal vulnerability escape hatch that was provided with the SECURITY-2481 fix. JENKINS-73129 , Path traversal vulnerability on Windows - SECURITY-2481
Developer: Deprecate StaplerResponse#getCompressedOutputStream, StaplerResponse#getCompressedWriter, and st:compress. Use StaplerResponse#getOutputStream, StaplerResponse#getWriter, and j:jelly instead. pull 9379

Bug fix

Fix badge color in dropdowns. pull 9381

Enhancement

Refine button appearances in sidebars, menus, pages and breadcrumbs. pull 9367
Adjust heading weights and sizes. pull 9366

Bug fix

Show help text in the correct locale even if user has an alternate language option defined in their browser (regression in 2.444). JENKINS-73246
Quote replacement string in symbol tooltips. JENKINS-73243
Honor readonly mode when displaying enumerations on pages. JENKINS-72854

Enhancement

Restore the September 30 2024 Java 11 end of life date for LTS releases. pull 9323
Move Add description to app bar. pull 9271

Bug fix

Fix width of weather icons in Safari when zoomed. JENKINS-73047

Enhancement

Remove Disable project button from project view. pull 9287
Display how many users there are on the Users page. pull 9221
Warn Java 11 users of the new end of life (June 18 2024) in weekly releases. This is a change from the previously announced date of September 30 2024. pull 9314
Improve the performance of file compression and decompression. pull 9312
Improve startup performance when jobs have been created via REST API or command line interface. JENKINS-64356
Add download option to Console output, move View as plain text and Copy buttons to app bar. pull 9169

Bug fix

Consistently notify job listeners when the job definition is updated from the REST API or command line interface. JENKINS-64553

Enhancement

Upgrade Commons FileUpload from 1.5 to 2.0.0-M2. Users of the miniorange-saml-sp plugin should upgrade to a compatible version in lockstep with upgrading Jenkins core. Apache Commons 2.0.0-M2 release notes
Provide header parts as a tag library. pull 9223
Avoid jumping layout due to tooltips. JENKINS-73158
Developer: Add debugging information to remote classloaders. pull 9277

Bug fix

Allow PKCS 12 certificates to be added to the credentials store again (regression in 2.453). JENKINS-73166
Restore No changes label when there are no changes in a build (regression in 2.453). JENKINS-73168
Handle svg cleanup via an xml document to avoid broken symbols. JENKINS-73156
Rename CloudSet query parameter type to cloudDescriptorName to avoid conflicts in Cloud implementations. JENKINS-72622
Treat lines of text (mainly in build logs) as completed by a single carriage return in addition to a newline or carriage return plus newline, avoiding an out of memory error if a large number of such lines are printed in sequence. JENKINS-73090
Add new CSS classes to avoid conflicts with CSS classes from bootstrap. JENKINS-73114

Enhancement

The webappsDir argument to run Winstone with a directory full of WAR files has been removed without replacement. Winstone 6.19 changelog
Allow pipeline jobs to run when built-in node is offline. JENKINS-53958

Bug fix

Further reduce number of recorded upstream causes. JENKINS-21605
Work around an upstream issue that could cause a hang in rare cases when two users load a configuration screen of the same type at the same time. JENKINS-60997

Bug fix

Remove tooltip when a widget is refreshed. JENKINS-72744
Update bundled Script Security plugin from 1335.vf07d9ce377a_e to 1336.vf33a_a_9863911. JENKINS-73093

Enhancement

Update restart banner to align with updated banners. pull 9191

Bug fix

Fix status icon animation display on Safari. JENKINS-72845
Update Polish translation for install wizard message to skip first user. pull 9185
Improve the performance of JSON parsing. json-lib PR 30

Enhancement

Remove ASM dependencies from core. JENKINS-73046

Enhancement

Support symbols in the newJob page. JENKINS-72947

Bug fix

Create-item button is no longer disabled when a duplicate name is present. JENKINS-73007
Fix the appearance of badges. pull 9155
After reconfiguring a static inbound agent in the GUI using fields such as WebSocket, deprecated in 2.440.x, the suggested launch instructions would incorrectly include tunnel (with no argument) even if that field had been left blank. JENKINS-73011
Fix the WorkspaceCleanupThread to consider workspaces with suffixes even if the original is nonexistent. Reduce the number of remoting calls made by WorkspaceCleanupThread. JENKINS-65829
If the variant plugin is installed at the same time as a plugin that has an OptionalExtension, these extensions would not be correctly discovered until the next scan for new Extensions. JENKINS-72998
Installed plugin view no longer jumps during first load. JENKINS-69588

Changelog

2.483

2.482

2.481

2.480

2.479

2.478

2.477

2.476

2.475

2.474

2.473

2.472

2.471

2.470

2.469

2.468

2.467

2.466

2.465

2.464

2.463

2.462

2.461

2.460

2.459

2.458

2.457

2.456

2.455

2.454