Changelog

Major bug fix

Recover from legacy user configuration folders with $ characters that are not part of hex escape sequences. (regression in 2.89) JENKINS-47909
Fix Download from java.sun.com installation method for JDK for downloads requiring an Oracle login after change to the Oracle site. JENKINS-47448

Enhancement

Update Remoting from 3.13 to 3.14 in order to apply various performance and stability improvements. full changelog, JENKINS-37566 , JENKINS-45294 , JENKINS-47425 , JENKINS-47901 , JENKINS-47942
Update Windows Agent Installer from 1.9.1 to 1.9.2: Do not try to update jenkins-slave.exe on Unix agents when they connect. full changelog, JENKINS-47015

Bug fix

Major enhancement

Launch agent via execution of command on the master has been moved to a new Command Launcher plugin and integrated with the Script Security plugin. JENKINS-47393 , Command Launcher plugin site entry, related security advisory
Upgrade Stapler library from 1.250 to 1.253. pull 2956, Stapler changelog
Update Remoting to improve stability and diagnosability. JENKINS-37567 , JENKINS-43985 , JENKINS-45522 , JENKINS-47132 , JENKINS-38711 , full changelog

Major bug fix

Prevent core or plugin code from mistakenly attempting to serialize jobs, builds, and users except in their intended top-level XML file positions, preventing a class of serious deserialization-related errors. JENKINS-45892
Developer: Fix TimeDuration time unit handling and its incorrect usage. TimeDuration uses milliseconds as the default unit. It was supposed to parse sec or secs suffix to interpret the number as seconds, but that never worked. JENKINS-44052
Stapler 1.252: Prevent file handle leak in LargeText#GzipAwareSession. JENKINS-45903

Bug fix

Stapler 1.252: Restore ability to attach views to interfaces. (regression in 2.46) JENKINS-43715

Enhancement

Stapler 1.253: Servlet 3.1 support, improved Blue Ocean performance and changes of interest to plugin developers. JENKINS-37062 , Stapler changelog
Disable obsolete JNLP, JNLP2, and CLI protocols on new Jenkins installations during Setup Wizard. JENKINS-45841 , announcement blog post
Restart agent communication related threads on both controller and agents when encountering an unhandled exception, if possible, to improve stability. JENKINS-38711
Default the built-in Jenkins Update Center URL to https://updates.jenkins.io instead of obsolete HTTP endpoint. This requires a JRE compatible with Let's Encrypt, e.g. Oracle JRE 8u101. pull 2996
Moved Jenkins agent runtime to agent.jar file name, and deprecate (but still support) use of legacy slave.jar. Introduce the AGENTJAR_URL environment variable as replacement for SLAVEJAR_URL. JENKINS-35451
Improve error reporting when failing to archive artifacts. pull 2976
Enable cc.xml to export jobs in folders recursively when accessed with a query parameter named recursive. JENKINS-36282
Add new administrative monitor warning users about disabled CSRF protection. JENKINS-47372
Commons Codec library upgraded from 1.8 to 1.9. pull 3033
Agents JVM must be 1.8+ and a clear message is shown in connection logs if it is not. JENKINS-44851
Add sidebar link to create new view. JENKINS-6290

Changelog for 2.89.1