Changelog

Legend:

security fix
major bug fix
bug fix
major enhancement
enhancement

Community feedback:

no major issues
notable issues
required rollback

RSS

What's new in 2.405 (2023-05-16)

Adjust form label padding. (pull 7962)
Use dialogs to delete computers, views, clouds, users and logrecorders. (issue 13545)
Improve class loading behavior looking up special formatters for XML configuration files. (pull 7976)
Upgrade from Guice 5 to 6. (pull 7990, Guice 6.0.0 release notes)
Restore support for ECharts API plugin (regression in 2.404). (issue 71236)
Make "Skip to content" link visible through keyboard navigation. (pull 7956)
Fix support of clouds without a config.jelly file. (pull 7972)
Developer: Queue items elements are now formalized using jenkins.model.queue.QueueItem. (pull 7926)

What's new in 2.404 (2023-05-09)

Revamp the sign-in and register pages. Add support for browser-native themes like darkmode. (pull 7872)
Make title sticky in legend. (issue 71177)
Move plugins refresh button to app bar. (pull 7770)
Fix the writing of emojis to XML (regression in 2.403). (issue 71182)
Allow parameter positions to be reordered in job definitions (regression in 2.402). (issue 71089)
Add a user experimental flag to run Jenkins without Prototype.js. Plugin authors should enable this flag and fix any issues that result from the removal of Prototype.js. In the future Prototype.js will be removed from Jenkins core. (pull 7948)

What's new in 2.403 (2023-05-02)

Remove support for WebSocket agents when running inside Jetty 9. (pull 7101)
Align source code text and line numbers in views that render source code with the Prism plugin. (issue 70805)
Rework clouds management into multiple pages to better scale to a large numbers of clouds. Users of EC2 Plugin should update it to version 2.0.7 or newer for compatibility. (issue 70729)
Show full width filter field for builds on pages less than 970 pixels wide. (issue 71115)
Do not write NUL values to XML files. A technically illegal #x0 (NUL) could be written to Jenkins XML files but could no longer be read. Now the write will fail as well (regression in 2.398). (issue 71139)
Fix the warning icon in the workspaces temporary directory message. (issue 71160)
Do not display a list of page sections on the System page breadcrumb. (issue 71152)
Add padding to the right side of the full width side panel. (issue 70115)
Developer: The experimental projectViewNested view has been removed without replacement. (issue 70927)

What's new in 2.402 (2023-04-25)

Update appearance and framework for link dropdown menus. (pull 7474)
Remove duplicate section headers from the Tools page. Remove border at the top of the Tools page for consistency with other pages. (pull 7716)
Hide the filter field when there's no build in Build History Widget. (issue 70220)
Restore conditional rendering of headers in some pages and remove non-functional drag handle from some headers (regression in 2.335). (issue 71089)
Upgrade Winstone from 6.10 to 6.11. This includes the upgrade of Jetty from 10.0.13 to 10.0.15. (Winstone 6.11 release notes, Jetty 10.0.14 changelog, Jetty 10.0.15 changelog)

What's new in 2.401 (2023-04-17)

Add updates count badge to Updates sidebar item. (pull 7084)
Simplify loading of JavaScript and CSS. Users of OWASP DependencyTrack must upgrade to 4.3.1 or later, and users of ServiceNow CI/CD must upgrade to 2.1 or later. (pull 7827)
Properly iterate over class names in heterogeneous lists (regression in 2.400). (pull 7845)
Upgrade Spring Framework from 5.3.26 to 5.3.27. (Spring Framework 5.3.27 release notes)

What's new in 2.400 (2023-04-11)

Fix radio buttons in repeated blocks in configuration forms (regression in 2.391). (issue 70988)
Fix null pointer exception on the "Manage Jenkins" page when HTTP/2 is enabled. (issue 70630)

What's new in 2.399 (2023-04-04)

Sign WAR file and Windows installer with new code signing certificate. (pull 358)

What's new in 2.398 (2023-04-04)

Use a card layout instead of a table for the dashboard on mobile. (pull 7581)
Refresh the Build with Parameters interface. (pull 7748)
Support emoji in Job DSL scripts. (issue 69129)

What's new in 2.397 (2023-03-28)

A new GPG signing key is used for the Jenkins weekly package repositories. Follow the instructions in the Linux repository signing blog post to install the new public key on your computer.

Add missing Turkish translations for plugins management page. (pull 7767)
Add missing Turkish translations for tools management page. (pull 7762)
Don't remove id inside symbol. (issue 70730)
Fix "delete build" button text overflow. (issue 70809)
Upgrade Spring Framework from 5.3.25 to 5.3.26. (Spring framework BOM 5.3.26 release notes, pull 7760)

What's new in 2.396 (2023-03-21)

Revamp icon legend as a modal. (pull 7718)
Remove the expand-button component as it's no longer used. (pull 7732)
Refresh the design of the About Jenkins page. (pull 7712)
Hide the Restart Jenkins checkbox in the update center if the controller doesn't support it. (issue 69489)
Restore the New Node button in computer overview for users with node creation permission. (issue 70820)
Suppress some noisy stack traces from ProcessTree. (pull 7681)
Avoid a ClassCastException from TokenBasedRememberMeServices2 (not known to occur in realistic environments). (pull 7724)
SlaveRestarter implementations are now only installed on static agents. Use Djenkins.slaves.restarter.JnlpSlaveRestarterInstaller.forceInstall=true to fall back to the previous behaviour in case of any issue. (pull 7693)

What's new in 2.395 (2023-03-14)

Introduce user experimental flags. (issue 69853)
The stopbuilds command did nothing if the last build of the job was already finished, even while earlier builds were running. (pull 7679)
Add copy button to Jenkins home directory. (pull 7678)
Simplify the names of the settings in Manage Jenkins. (pull 7661)
Adjust websocket idle timeout to 60s seconds by default to avoid "WebSocketTimeoutException: Connection Idle Timeout" issues. Idle timeout is configurable via jenkins.websocket.idleTimeout=. (issue 69955)

What's new in 2.394 (2023-03-08)

Important security fixes. (security advisory)
Limit the maximum number of search results.

What's new in 2.393 (2023-02-28)

Disable unwanted browser form validation. (issue 70662)
Restore installNecessaryPlugins redirect destination. (issue 70599)
Warn user that copy button requires HTTPS. (issue 21052)

What's new in 2.392 (2023-02-21)

Add a copy button for the code snippets that start agents. (pull 7625)
Update bundled plugins to include fixes announced in 20230124 and 20230215 Jenkins security advisories. (pull 7651, 2023-01-24 security advisory, 2023-02-15 security advisory)
Developer: Ensure required Jelly arguments are correctly labeled as required. (pull 7644)

What's new in 2.391 (2023-02-14)

The default connection mode for the Java CLI client is now webSocket. You can specify http to continue to use the former default (for example because you are running Jenkins in a servlet container other than the recommended builtin Jetty, or because you are running an unusual reverse proxy which does not support WebSocket). You can also continue to specify ssh to use SSH transport (for example because you prefer to authenticate with a private key rather than an API token), or use a native SSH client. (pull 7605)
Correct responsive behavior on resize of the 'About Jenkins' page. (issue 70191)
Fix the behaviour of filtering in Build History Widget. (issue 70438)
Fix behaviour of booleanRadio in a repeatable section. (issue 70139)
Fix computer links navigation consistency. (pull 7608)
Upgrade bundled Winstone from 6.7 to 6.10. Add the excludeProtocols option. Improve logging during shutdown. (pull 7632, Winstone 6.10 changelog, Winstone 6.9 changelog, Winstone 6.8 changelog)

What's new in 2.390 (2023-02-07)

Running pipeline build logs can now be displayed across controller restarts without reloading in some environments. (pull 7614)
Update bundled Apache Mina SSHD API plugins from 2.9.1-44.v476733c11f82 to 2.9.2-50.va_0e1f42659a_a. Include fix for unsafe deserialization in SimpleGeneratorHostKeyProvider. (pull 7623, issue 70554 , CVE-2022-45047)
Do not submit empty telemetry data if an error occurred during data collection. (issue 70533)
Allow WebSocket agent connections to time out after 5m if a write never succeeds. (issue 70531)

What's new in 2.389 (2023-01-31)

Move set node temporarily offline/online buttons to appbar. (issue 70394)
Encode cloud name in Cloud#getUrl. (pull 7573)
Developer: Agent log location honors system property hudson.triggers.SafeTimerTask.logsTargetDir. (pull 7595)
Developer: Introduced an API SubTask.getOwnerExecutable to be implemented in Pipeline. (pull 7599)

What's new in 2.388 (2023-01-24)

Fix the TcpSlaveAgentListenerRescheduler functionality. TcpSlaveAgentListener is automatically restarted on failure. (issue 70334)
Upgrade Spring Framework from 5.3.24 to 5.3.25. Spring Framework 5.3.25 includes 18 fixes and documentation improvements. (Spring Framework 5.3.25 release notes)

What's new in 2.387 (2023-01-17)

Remove the notice in the plugin manager "Updates" page for newer plugin versions that are not compatible with your current core version. Limit the display of updates to plugin versions actually being offered by the update center for your core version. (issue 62332)
Add missing breadcrumb items in various locations. (issue 70169)
Close connection on the agent if the agent's liveness ping receives no response. (issue 70414)

What's new in 2.386 (2023-01-10)

Do not report implied dependencies for WMI Windows Agents plugin. (issue 70301)
Developer: f:file now uses the morph tag library, all unknown attributes will be copied to the element. (pull 7562)

What's new in 2.385 (2023-01-03)

Allow HTML syntax for node descriptions. (pull 6511)
Hide values in tables showing potentially sensitive system properties and environment variables by default. (pull 6843)
Add support for badge icons in Management links. (issue 69339)
Add tabs to System Information page. (pull 7373)
Add missing breadcrumb items for agents. (issue 70169)
Restyle file uploads to match modern forms UI. (pull 7452)
Add missing breadcrumb items in logging views. (issue 70169)
Add missing breadcrumb items in builds. (issue 70169)
Add missing breadcrumb items for agents. (issue 70169)
Add missing breadcrumb items in Views. (issue 70169)
Add missing breadcrumb items in abstract classes. (issue 70169)
Add missing breadcrumb items in User page. (issue 70169)
Add missing breadcrumb items in system information page. (issue 70169)
Update the design of the 'Advanced' button. (pull 7173)
Upgrade XStream from 1.4.19 to 1.4.20. This maintenance release addresses two security vulnerabilities that can cause a denial of service by raising a stack overflow in affected applications. It also provides new converters for Optional and Atomic types. (pull 7548, XStream 1.4.20 changelog, XStream CVE-2022-40151, XStream CVE-2022-41966)
Revert "Label 'Dismiss' buttons red." that was introduced in 2.378. (issue 70128)
Do not prompt the user that changes may not have been saved after apply has been clicked. (issue 70112)
Remove negative letter spacing to improve legibility in some languages and fonts. (pull 7475)
Align table headers with columns. (issue 70117)

What's new in 2.384 (2022-12-26)

Align Build Executor Status collapsed content with build queue design pattern. (issue 70121)
Remove support for log rotation via SIGALRM. The command-line argument --daemon has been removed. (pull 7256)
Restore link to last breadcrumb. (issue 70169)

What's new in 2.383 (2022-12-20)

Add search bar for top level settings in Manage Jenkins. (pull 7314)
Robustness improvement regarding build number collisions. (issue 23152)
Prevent Angry Jenkins when checking a non http(s) based update center URL. (issue 70240)
Improve robustness of class loading on agents. (pull 7526)
Delaying initialization of cryptography needed for TCP inbound agents unless and until such an agent is connected. (issue 70206)
Allow plugins to generate symbol markup from Java code. (issue 68805)

What's new in 2.382 (2022-12-12)

Upgrade Guice from 5.0.1 to 5.1.0. Guice 5.1.0 contains eight fixes and improvements. (Guice 5.1.0 Upgrade Guide)
Add telemetry related to distributed builds. (issue 70199)
Fix the update of disabled plugins. (issue 69183)
Provide native Java 11 HTTP client versions of FormValidation#URLCheck methods. (pull 7508)

What's new in 2.381 (2022-12-04)

Improve tooltip performance. (issue 70178)

What's new in 2.380 (2022-11-29)

Update appearance and framework for tooltips. (pull 6408)
Upgrade Spring Security from 5.7.5 to 5.8.0. Spring Security 5.8.0 includes 71 fixes and improvements. (Spring Security 5.8.0)
Delete .disabled files when uninstalling a plugin. (issue 68194)
Developer: better error logging for unexpected problems in Computer.threadPoolForRemoting. (pull 7284)

What's new in 2.379 (2022-11-22)

Jenkins no longer bundles a patched version of the deprecated Commons HttpClient 3.x library for use by plugins. Plugins should be migrated to the native Java 11 HTTP client or updated to depend on the legacy Commons HttpClient 3.x API plugin. (Jenkins patched HttpClient library, Commons HttpClient 3.x)
Set default file size rotation of AsyncPeriodicWork / AsyncAperiodicWork task logs. (issue 64151)
Remove the deprecated WMI Windows Agents plugin from the setup wizard. (pull 7414)
Remove the deprecated Multijob plugin from the setup wizard. (pull 7413)
Add the URL of a plugin to the 'systemInfo' view. (pull 7367)
Add a "copy to clipboard" button to controller and agent thread dump pages. Remove the side panel from controller thread dumps. (pull 7368)
Fix the animation of the popup dialog in the admin monitor. (issue 70036)
Memory leak when repeatedly connecting WebSocket agents. (issue 70103)
Wait for 10 seconds before attempting to reconnect a WebSocket agent regardless of whether or not the controller is responding. (Pull request 603)
Fix a race condition affecting the launch of inbound agents. (pull 7378)
Developer: Introduce a high level HTTP client API. (pull 7398)
Upgrade Spring Framework from 5.3.23 to 5.3.24. Spring Framework 5.3.24 includes 33 fixes and improvements. (Spring Framework 5.3.24)

What's new in 2.378 (2022-11-14)

Label 'Dismiss' buttons red. (pull 7364)
Replace 'Changes' view icon with a symbol. (pull 7229)
Update 'Manage Nodes' page to use app bar and remove sidebar from 'New Node' page. (pull 7352)
Add telemetry for activation of permissions that are not enabled by default. (issue 70044)
The minimum required Remoting version has been increased to 4.7 (released on February 16, 2021). (pull 7340)
Fix overlapping buttons in administrative monitors. (pull 7366)
Fix consoleview bouncing when new entries appear. (issue 69587)
Fix error on profile page if the gravatar plugin is installed. (issue 70023)
Reduce size of the focus state (regression from 2.366). (issue 69517)

What's new in 2.377 (2022-11-08)

Remove deprecated and unused class UnbufferedBase64InputStream. (pull 7335)
Developer: Allow detached plugin location to be overridden. (pull 7303)
Upgrade Spring Security from 5.7.4 to 5.7.5. Spring Security 5.7.5 includes fixes for two authorization mapping issues affecting the scopes in spring-security-oauth2-client and org.springframework.security.web.access.intercept.AuthorizationFilter. (Spring Security Release 5.7.5, CVE-2022-31690, CVE-2022-31692)

What's new in 2.376 (2022-10-31)

Avoid unnecessary configuration save when reloading configuration from disk. (pull 7305)
Update ANTLR2 grammars and code to ANTLR4. (issue 68652)
Update submit buttons to use .jenkins-button classes. (pull 7203)
Use inbound as the preferred symbol rather than jnlp for inbound agents in JCasC. (pull 7171)
Prevent deadlock on WebSocket agents. (pull 7309)

Changelogs of historical releases can be found in the changelog archive.