Upgraded Jenkins OSS LTS from
Upgraded Common API for Blue Ocean from
Upgraded REST API for Blue Ocean from
Upgraded CloudBees Jenkins Enterprise New User Experience from
Upgraded CloudBees Assurance Plugin from
Upgraded CloudBees Folders Plugin from
Upgraded Credentials Binding Plugin from
Upgraded CloudBees Backup Plugin from
Upgraded JDK Tools Plugin from
Upgraded Kube Agent Management Plugin from
Upgraded Kubernetes Plugin from
Upgraded Master Provisioning from
Upgraded Master Provisioning Mesos from
Upgraded Maven Plugin from
3.4. The Maven plugin (version 3.1) was using an old version of maven core, so some new features (wildcard exclusions, in maven 3.3.3) were not available. With this fix, we have upgraded maven core dependencies making the new features available.
Upgraded Metrics Plugin from
Upgraded CloudBees Jenkins Enterprise License Entitlement Check from
Upgraded Notification API from
Upgraded Operations Center Server Plugin from
Upgraded SCM API Plugin from
Upgraded SSH Credentials Plugin from
Upgraded Support Core Plugin from
Upgraded Pipeline API Plugin from
Added Docker Commons Plugin version
When selecting a Github repo while creating a Multi-Branch Pipeline project, if there are too many repos available to the Github user/owner, the drop down menu either takes a very long time or times out with an error. With this fix, we have added a New UI where users can directly enter their GitHub repository HTTPs URL to create a GitHub based Multi Branch Project.
Managing catalogs and pipeline templates across a large number of Jenkins masters using the graphical user interface (GUI) is time consuming and prone to human error due to the repetitive nature of the task. A new pipeline-template-catalogs CLI command was created. This CLI command allows the administrator to automate the management of catalogs and pipeline templates across multiple Jenkins masters which reduces the amount of time required and ensures accuracy and consistency across all development teams.
A new backup and restore guide has been created, including best practices, how to restore credentials, and an explanation of the $JENKINS_HOME directory.
Upgraded CloudBees Update Center Plugin from
4.46. The CloudBees Update Center plugin was using an outdated/unsupported dependency, JSoup 1.7.3., which contained a vulnerability. With this fix the CloudBees Update Center plugin was updated with JSoup 1.8.3.
Upgraded Durable Task Plugin from
1.30. The wrapper process for shell steps stayed open for the entire life of the user-specified script, leaking JVM resources in some cases. With this fix, the wrapper process for shell steps now executes in the background.
The absolute path to sh on the master was used to launch shell scripts on agents when no default shell was specified. If the path on master did not match the path to sh on agents, the shell script would not execute. With this fix, agents now use sh without an absolute path if no default shell is specified.
The Powershell step did not propagate error codes in scripts correctly starting in version 1.23 of this plugin. With this fix, error codes in Powershell scripts now propagate correctly.
Upgraded Jackson2 API Plugin from
126.96.36.199. Two more polymorphic deserialization CVEs were found and fixed in 188.8.131.52.
Upgraded Operations Center Context Plugin from
184.108.40.206. There was confusion about applying provisioning limits to a Master when using Kubernetes Cloud. With this fix, the inline help has been updated to clarify provisioning limits behavior.
In Operations Center, when users configured Provisioning limits, the code was counting all the executors on the Jenkins instance, even the offline agents. With this fix, the code limits enforcement for nodes provisioning on the cloud by ignoring executors on offline nodes while computing the current count of executors.
Upgraded Script Security Plugin from
1.62. The whitelist for the Groovy sandbox was not set up correctly for script-level initializers, such as those for fields defined using @Field or fields defined on a sandboxed script that directly extends groovy.lang.Script or one of its subclasses. Because of this, these initializers were unable to call any method or reference any fields even if they were whitelisted. The whitelist for the Groovy sandbox is now set up correctly for script-level initializers.
In some cases, issues with an internal cache in the Script Security Plugin could lead to bad performance and/or deadlocks in sandboxed Groovy scripts, such as Pipelines. The cache implementation in Script Security was replaced to avoid performance issues and deadlocks.
Upgraded Structs Plugin from
1.20. If a named argument passed to a Pipeline step did not correspond to an actual parameter of the step, the argument was silently ignored, masking common issues like misspelling the parameter. With this fix, a warning is now printed to the build log when a named argument passed to a Pipeline step does not correspond to any of the step's parameters.
Several libraries where bundled in the Pipeline Event Step plugin that should have been loaded via plugin dependencies. With this fix, the incorrectly bundled libraries have been removed from the plugin.
The Pipeline Event Step plugin version 1.4 had PCT errors because of a detached plugin. With this fix, the matrix-auth dependency was added with test scope.
The CPS method mismatch detection introduced in Pipeline: Groovy Plugin 2.71 incorrectly logged a warning for some kinds of Groovy metaprogramming where it should not have. CPS method mismatch warnings will no longer be logged for some kinds of Groovy metaprogramming.
Uses of CPS-transformed code in a non-CPS-transformed context in Pipelines did not fail cleanly or log a warning explaining the problem. With this fix, use of CPS-transformed code in a non-CPS-transformed context in Pipelines now logs a warning explaining the problem, and links to https://jenkins.io/redirect/pipeline-cps-method-mismatches/ which provides some guidance on how to fix common errors.
Calling overridden methods using super in some class hierarchies in a Pipeline could cause a StackOverflowException to be thrown due to an infinite loop. With this fix, super methods are now resolved correctly, preventing the infinite loop.
The whitelist for the Groovy sandbox was not set up correctly for script-level initializers, such as those for fields defined using @Field or fields defined on a sandboxed script that directly extends groovy.lang.Script or one of its subclasses. Because of this, these initializers were unable to call any method or reference any fields even if they were whitelisted. The whitelist for the Groovy sandbox is now set up correctly for script-level initializers.
JIRA Site at the folder level did not show credentials for non-admin users, even though the user has all the credentials related permissions. With this fix, credentials are displayed as expected.
Shared Libraries using folder-scoped credentials failed to authenticate. With this fix, we added functionality to expose parent item scope to children, allowing shared libraries to see and use folder-scoped credentials.
The Branch API plugin included an admin monitor that recommended that users install the Basic Branch Build Strategies plugin to migrate away from the "Automatic branch project triggering" property for organization folders because it was deprecated. An automated migration for this property in the Basic Branch Build Strategies plugin caused issues in some configuration, causing change requests to no longer be built, and causing errors when trying to rebuild an existing Pipeline job. The administrative monitor recommending Basic Branch Build Strategies Plugin be installed has been disabled along with the automated migration. The "Automatic branch project triggering" property for organization folders has been reinstated.
If an agent being used by a Pipeline was removed (deconfigured) from Jenkins, the build would hang forever. With this fix, Pipeline builds now abort immediately if an agent they are using has been removed from Jenkins.
GitHub Webhooks were not created after new pipeline creation in BlueOcean. This issue was specific to pipelines created using BlueOcean. With this fix, webhooks are registered with GitHub on new pipelines created in BlueOcean.
For users without Pipeline Template Catalog permissions, the left nav displayed only the icon for Pipeline Templates Catalog. Additionally, these same users could access an incomplete Pipeline Templates Catalog page. With this fix, we added new view-only permission, fixing the left nav and Pipeline Templates Catalog page to render data according to permissions.
The Discard Old Items configuration for Organization Folders was easily misunderstood by users as being about artifacts and builds. With this fix, the Discard Old Items settings for Organization Folders and Multibranch Projects now have a description explaining their use.
The GDSL file provided by Jenkins to support syntax highlighting in IntelliJ IDEA did not support the parallel step, and incorrectly marked some step parameter types as Map when they should have been List. The parallel step is now correctly supported, and step parameter types have been fixed where appropriate.
The rename action was available for team folders, and using this option would rename the folder on the filesystem, bypassing Team functions. With this fix, the "rename" menu item is removed for team folders. Users can still change the display name of the folder using folder settings if they want to rename the team on the UI.
Clicking 'Check Now' in the Update Center was taking a long time to return. With this fix, we have improved the processing speed of the 'Check now' button in Update Center.