Upgraded Jenkins OSS LTS from
Upgraded CloudBees Assurance Plugin from
Upgraded CloudBees Jenkins Advisor Plugin from
Upgraded CloudBees License Manager from
Upgraded Credentials Plugin from
Upgraded Docker Commons Plugin from
Upgraded Git Plugin from
Upgraded Git Client Plugin from
Upgraded JIRA Plugin from
Upgraded Kubernetes Plugin from
Upgraded Matrix Authorization Strategy Plugin from
Upgraded CloudBees Jenkins Enterprise License Entitlement Check from
Upgraded PAM Authentication Plugin from
Upgraded Pipeline Rest API Plugin from
Upgraded Pipeline Stage View Plugin from
Upgraded Script Security Plugin from
Upgraded SSH Credentials Plugin from
Upgraded Structs Plugin from
Upgraded Token Macro Plugin from
Upgraded Pipeline Groovy Plugin from
Added CloudBees Administrative Monitors Plugin version
Added User Activity Monitoring Plugin version
System.exit(int) and similar methods could still be approved in Script Approval, but there's never a good reason for them to be usable in Pipeline scripts. These methods are now blocked permanently from all sandboxed Groovy execution in Jenkins.
Uses of the Git plugin's mergeStrategy option in Pipeline started failing in Git 3.9.0 if the specified value was not uppercase. The value of the mergeStrategy option may now be specified in any case in a Pipeline.
The git plugin fetched to the local cache before checking remote references for updates causing MissingObjectException if references got updated between these operations. The problem is more notable on large repositories where the fetch operation can take a long time. The fix changes the order of the operations making the issue less likely to occur since listing references is fairly quick.
Certain sandboxed Groovy script idioms, including but not limited to Pipeline, could result in a build failure with a RejectedAccessException without Jenkins offering the corresponding signature as a pending approval. Script Security rejections will now be reported properly in all contexts.
When users of the EC2, docker-commons, and SSH credentials plugins updated passwords, the original passwords were not hidden nor were previous values encrypted. With this fix, when users of the EC2, docker-commons, and SSH credentials plugins update passwords, the original passwords are hidden and previous values encrypted.