The NetBSD Project

CVS log for pkgsrc/devel/jenkins/distinfo

[BACK] Up to [] / pkgsrc / devel / jenkins

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.22 / (download) - annotate - [select for diffs], Sat Aug 12 06:25:26 2017 UTC (17 months, 1 week ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-, HEAD
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored)

Update to 2.70.3

What's new in 2.73 (2017-08-06)

    Avoid unnecessary locking to improve performance related to actions. (issue 45244)
    Improve performance when reading the console text of a build. (issue 45915)
    Add Polish translations for setup wizard. (pull 2952)
    Reliably close build log file when using chained BuildListeners. (issue 45057, issue 43199)
    Modify the JNLPLauncher configuration page to work around regression in Docker Plugin (regression in 2.72). (issue 45895)

What's new in 2.72 (2017-07-30)
70 sunny0 cloudy11 stormCommunity reported issues: 7JENKINS-45895 1JENKINS-45956

    Enable remoting work directories by default for newly created agents launched via JNLP (Java Web Start Launcher). (issue 44112, feature documentation)
    Always follow redirects for downloading update center metadata, so misbehaving plugins cannot break it. (issue 38185)
    Minor optimization to queue maintenance routines and printing of console notes, mainly for the benefit of Pipeline node blocks. (issue 45553)
    Don't monitor response time on offline agents. (issue 20272)

What's new in 2.71 (2017-07-23)
Community reported issues: 2JENKINS-45959 1JENKINS-45895

    Winstone 4.1: Add Jetty HTTP/2 connector and corresponding options for Winstone-Jetty. (issue 45438, enabling HTTP/2 support in Winstone-Jetty)
    Don't reload user records from disk unless explicitly requested to improve performance of user record access. (issue 45737)
    Prevent NullPointerException in Jenkins#getRootURL() while the instance is not fully loaded yet. (issue 34914)
    Contributions to the PATH environment variable could result in malformed values on agents on a platform different from master's. (issue 14807)
    JNLP for launching agents now requests Java 8. (issue 45679)
    Prevent NullPointerException when a previous completed build is missing for upstream culprits check. (issue 45516)
    Correctly show or suppress warnings about undefined parameters based on hudson.model.ParametersAction.keepUndefinedParameters system property. (issue 45519)
    Internal: Delete obsolete SECURITY-144-compat exclusion that can break tests. (issue 25625)

Revision 1.21 / (download) - annotate - [select for diffs], Tue Jul 18 10:22:22 2017 UTC (18 months ago) by ryoon
Branch: MAIN
Changes since 1.20: +5 -5 lines
Diff to previous 1.20 (colored)

Update to 2.70

What's new in 2.70 (2017-07-16)
Community reported issues: 1JENKINS-36792

    Fix version number shown in 2.0 upgrade wizard. (issue 45459)

What's new in 2.69 (2017-07-09)
    SSHD Module 2.0: Update from SSHD Core 0.14.0 to Apache MINA SSHD 1.6.0 in Jenkins core and Jenkins CLI. (changelog, plugin compatibility notice, issue 43668)
    SSHD Module 2.0: Enable aes192ctr and aes256ctr ciphers if JVM supports unlimited-strength encryption. (issue 39738)

What's new in 2.68 (2017-07-02)
137 sunny1 cloudy3 stormCommunity reported issues: 1JENKINS-36993

    Update Remoting from 3.7 to 3.10 adding opt-in support for work directories and improving logging in Jenkins agents. (work directory documentation, logging documentation, remoting changelog, issue 39370)
    The reload-configuration CLI command now waits until the reload is finished, and returns an error code if the reload failed. (issue 45256)
    Follow HTTP redirects while initiating CLI connection. (issue 44361)
    Add documentation for time zone specification for cron patterns (e.g. SCM polling). (issue 9283)
    Robustness improvements related to agent connections. (issue 43496, issue 38527)

What's new in 2.67 (2017-06-25)
    Enable simpler syntax for upstream build trigger in pipelines. (issue 34464)
    Remove the "JNLP" protocol references from the TCP Agent Listener log messages. (issue 44103)
    Internal: Update Annotation Indexer to 1.12 to work around JRE bug in tests. (JDK-8182744)

What's new in 2.66 (2017-06-18)
    When starting the jenkins.war directly, properly check for Java 8 as minimum instead of Java 7 before proceeding. (issue 44764)
    Allow overriding the Jenkins session ID suffix so it doesn't change on every restart, possibly resulting in too many cookies. (how to set session ID, issue 25046, issue 44894)
    Fix resource loading in plugins using the PluginFirstClassLoader, e.g. loading Groovy classes from plugin resources. (issue 44898)
    Prevent possible NullPointerException when listing remote directories using the FilePath#list() and FilePath#listDirectories() APIs. (issue 44942)

What's new in 2.65 (2017-06-11)
Community reported issues: 1JENKINS-21163

    Prevent NullPointerException when calling restart CLI command (regression in 2.57). (issue 44769)
    Packaging: Docker alpine image had a Jenkins-incompatible JDK installation (regression in 2.64). (issue 44733, corresponding Alpine Linux issue)

What's new in 2.64 (2017-06-04)
143 sunny0 cloudy2 stormCommunity reported issues: 1JENKINS-44733 1JENKINS-44777

    Moved agent port and protocol configuration out of "security" (authentication and authorization) block in Configure Global Security. (issue 4478)
    Add section headers for Markup Formatter and CSRF Protection in Configure Global Security form to make these options more obvious. (pull 2900)
    Use one-column layout for REST API documentation (.../api URLs). (issue 44563)
    Update jnr-posix from 3.0.1 to 3.0.41 to pick up improvements and fixes in the POSIX platforms support. (pull 2904)
    Jenkins failed to perform some cleanup tasks, including saving the build queue, if stopped via REST /exit, CLI shutdown, or when restarting from Install as Windows Service. (issue 44589)
    Don't check whether disabled administrative monitors are active or not on the Manage Jenkins page. (issue 44608)
    Do not submit form when pressing Enter in the plugin manager's filter field. (issue 44523)
    Plugin Development: Jenkins now no longer publishes a war-for-test artifact. Plugins using this or a later version of Jenkins as baseline need to use plugin parent POM 2.30 or later. (issue 24064)

What's new in 2.63 (2017-05-28)
Community reported issues: 1JENKINS-44907

    No notable changes in this release.

What's new in 2.62 (2017-05-21)
147 sunny1 cloudy3 stormCommunity reported issues: 1JENKINS-44120

    Fixed Pipeline compatibility for a number of CLI commands (delete-builds, list-changes, console, set-build-description, and set-build-display-name), as well as some issues affecting error reporting in other commands when used with Pipeline. (issue 30785, issue 41527)
    If you have the Authorize Project plugin installed and configured, its configuration will now be treated as final with respect to the behavior of Job/Build checks from Build other projects and Build after other projects are built. Formerly, if a Per-project configurable Build Authorization was enabled globally but some projects did not specify an Authorization, the two aforementioned checks would automatically fall back to checking as anonymous (typically denying build permission). To restore the former behavior, explicitly configure a Project default Build Authorization to be Run as anonymous. Note that this will affect all build-scoped permission checks, including for example Agent/Build. (issue 22949)
    Internal API: Tasks.getAuthenticationOf now honors authentication contributed by QueueItemAuthenticatorProvider extensions. (pull 2880)
    Update WinP from 1.24 to 1.25 to improve performance and diagnostics of issues like JENKINS-30782. (full changelog)
    Fix for NullPointerException while initiating some SSH connections (regression in 2.59). (issue 44120)
    Prevent StackOverflowError in log recorder when Winstone-Jetty debug logging is enabled. (regression in 2.61) (issue 44330, corresponding Jetty issue)

Revision 1.20 / (download) - annotate - [select for diffs], Sat May 20 23:52:19 2017 UTC (19 months, 4 weeks ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.19: +5 -5 lines
Diff to previous 1.19 (colored)

Update to 2.46.2

* Do not extract war file

What's new in 2.61 (2017-05-14)
78 sunny3 cloudy6 stormCommunity reported issues: 2JENKINS-42959 1JENKINS-44331 1JENKINS-44330

    Upgrade Groovy from 2.4.8 to 2.4.11. (Groovy 2.4.9 changelog, Groovy 2.4.10 changelog, Groovy 2.4.11 changelog)
    Integration of Winstone 4: Upgrade bundled Jetty from 9.2.15.v20160210 to 9.4.5.v20170502. This removes support for the deprecated SPDY protocol. The --spdy parameter has been removed accordingly and Jenkins may refuse to start if it's set. (issue 43713)
    Update the Mailer plugin version installed when updating from very old Jenkins releases to include the fix for SECURITY-372, the SSH Slaves plugin for SECURITY-161, and the Script Security plugin for SECURITY-258. (SECURITY-372, SECURITY-161, SECURITY-258)
    Freestyle projects may now list Pipeline jobs as downstream and trigger them, without needing to use the Parameterized Trigger plugin or reverse triggers ("Build after other projects are built"). (issue 28113)
    Internal: Define enabling/disabling in ParameterizedJob rather than AbstractProject. (issue 27299)
    Internal: Offer default methods on ParameterizedJob to have less boilerplate code. (pull 2864)

What's new in 2.60 (2017-05-10)
61 sunny0 cloudy2 stormCommunity reported issues: 1JENKINS-42959

    Update to Windows Service Wrapper 2.1.0 to support new features: download command with authentication, flag for startup failure on download error, Delayed Automatic Start mode. (issue 43737)
    Windows services: Add system property that allows disabling WinSW automatic upgrade on agents. (issue 43603, more information)
    Windows services: Restore compatibility of the WindowsSlaveInstaller#generateSlaveXml() method (regression in 2.50, no known external usages). (issue 42745)
    Windows services: Prevent fatal file descriptor leak when agent service installer fails to read data from the service startup.log. (issue 43930)
    Use full display name for runs in RSS feed to restore the project name there (regression in 2.59). (issue 44117)
    Internal: Generalize the changelog API to support non-AbstractBuild run types. (issue 24141)

What's new in 2.59 (2017-05-07)
99 sunny0 cloudy5 stormCommunity reported issues: 1JENKINS-43772 1JENKINS-42959 1JENKINS-44117

    Move to latest version of Trilead to fix SSH connection issues following a previous Trilead upgrade. (issue 42959, issue 43979, issue 44046)
    Prevent Internet Explorer from caching AJAX requests using Cache-Control header. (issue 43929)
    Properly fail with error when updating view with CLI using input of a different view type. (issue 42728)
    Fix AccessDeniedException in "Build after other projects are built" when user has Discover permission but not Read. (issue 42707)
    Properly log failure due to empty archive in Pipeline. (issue 38005)
    Prevent rare NullPointerException if an admin user is created in the setup wizard after first disabling CSRF protection. (issue 44010)

What's new in 2.58 (2017-04-30)
152 sunny6 cloudy58 stormCommunity reported issues: 41JENKINS-43979 3JENKINS-33021 2JENKINS-43934 2JENKINS-42959 1JENKINS-43772 1JENKINS-43986 1JENKINS-44073 1JENKINS-44071 1JENKINS-44046 1JENKINS-112852540 1JENKINS-2

    Use build display names in RSS feed titles. (pull 2845)
    Update the Trilead SSH library to get support of new Mac, Key, and Key Exchange Algorithms. (issue 33021, issue 26379, issue 31549)
    Migrate legacy users only once per restart to improve performance of the user retrieval logic. (issue 43936)
    Internal: Pick up the latest release of version-number library. (issue 43733)
    Internal: Refactor ProcessTree.Windows logic to propagate errors. (issue 43825)

What's new in 2.57 (2017-04-26)
90 sunny0 cloudy4 stormCommunity reported issues: 1JENKINS-33021 1JENKINS-43772 1JENKINS-43934

    Important security fixes. (security advisory)

What's new in 2.56 (2017-04-23)
87 sunny0 cloudy3 stormCommunity reported issues: 1JENKINS-43772

    Plugins did not expect InvalidPathException to be thrown in file-related methods, so wrap them in IOException to restore behavior (regression in 2.55). (issue 43531)
    Remove links in stack traces to the service that has been shut down. (issue 42861)
    If an exception is thrown while rendering an HTTP response, just log the stack trace on the server side, without trying to send an error page to the client. (issue 21695)
    Prevent NullPointerException when a non-existent default view is specified in Configure System. (issue 42717)
    Deleting jobs with running builds could result in NullPointerException (regression in 2.55). (issue 43653)

What's new in 2.55 (2017-04-15)
111 sunny2 cloudy5 stormCommunity reported issues: 1JENKINS-43694 1JENKINS-43531 1JENKINS-43629 1JENKINS-43495 1JENKINS-43772 1JENKINS-43653

    Packaging: Debian package now requires Java 8. (causes regression since 2.54). (issue 43495)
    Added fine-grain logging of FullDuplexHttpService to diagnose issues when establishing an HTTP Duplex connection. (pull 2481)
    Update LibZFS from 0.5 to 0.8 to fix compatibility issues with ZFS filesystem and illumos distributions. (issue 41932)
    Before deleting jobs, try to abort the running builds. Error will be thrown instead of the job deletion if its builds cannot be aborted. (issue 35160)
    Ensure that Cloud.PROVISION is properly initialized during the configuration loading. (issue 37616)
    Fix log message formatting when migrating `AllView` names due to JENKINS-38606". (issue 43611)
    Setup wizard gets into bad state when failures like network issues happen. (issue 41778)
    Catch and log RuntimeException in Computer#setNode() when updating the Computer list. (issue 42043)
    SSH CLI client authenticator 1.4. Add missing SSH Public Key field validation in user configuration. (issue 16337)
    Internal API: SSH CLI client authenticator 1.3. Expose PublicKeySignatureWriter to plugins. (pull 2840)

What's new in 2.54 (2017-04-09)
116 sunny3 cloudy37 stormCommunity reported issues: 6JENKINS-43492 5JENKINS-43481 4JENKINS-43495 2JENKINS-27624 2JENKINS-30561 1JENKINS-43772 1JENKINS-43694 1JENKINS-43666 1JENKINS-43199 1JENKINS-43178 1JENKINS-41745 1JENKINS-43503 1JENKINS-12345

    Jenkins (master and agents) now requires Java 8 to run. (issue 27624, issue42709, pull 2802, announcement blog post)
    Non-Remoting-based CLI. (issue 41745, pull 2795, announcement blog post)
    Disable SSH server by default. (issue 33595)
    Use case-insensitive search by default for new and anonymous users. (issue 42645)
   Introduce status indicator for skipped download job. (issue 40848)
    Properly handle saving system configuration when disabling all, or all but one, administrative monitors. (issue 42852)
    When validating a cron expression, consider the specified t)
124 sunny1 cloudy3 stormCommunity reported issues: 1JENKINS-43178 1JENKINS-43772

    Update to Windows Service Wrapper 2.0.3 and Windows Agent Installer 1.8 to prevent conversion of environment variables to lowercase in the agent executable, regresion in Jenkins 2.50. (issue 42744, WinSW Changelog, Windows Agent Installer changelog)
    GC Performance: Avoid using FileInputStream and FileOutputStream in the core codebase. (JDK-8080225, issue 42934)
    Internal API: Add support of a new full screen.jelly. (issue 34670)

What's new in 2.52 (2017-03-26)
165 sunny1 cloudy0 stormCommunity reported issues: 1JENKINS-43178

    Computer#addAction would throw an UnsupportedOperationException since Jenkins 2.30. Such a call site was released in SSH SlavesPlugin 1.15 for SECURITY-161. (issue 42969, security advisory including SECURITY-161)
    Update German localization. (pull 2777)
    Removed localizations with very low coverage: Albanian, Basque, Belarusian, Bengali, Esperanto, Galician, Georgian, Gujarati, Hindi, Icelandic, Indonesian, Irish, Kannada, Macedonian, Marathi, Mongolian, Occitan, Punjabi, Sinhala, Tamil, Telugu, Thai. (pull 2813)

What's new in 2.51 (2017-03-19)
129 sunny0 cloudy5 stormCommunity reported issues: 2JENKINS-42744 1JENKINS-42959

    Restore Windows Slaves Plugin 1.2 compatibility by restoring windows-service/jenkins.xml, regression in 2.50. (issue 42724)
    SSHD 1.10: Move SSH server port configuration to security options page. (pull 2796)
    Update Russian localization. (pull 2798)
    Update French localization. (issue 42627)
    Internal: Make sure system threads run as SYSTEM. (issue 42556)
    Internal API: Add the ability for ItemListener to veto copy operations. (issue 34691)
    Internal API: Make Run#compareTo work across jobs. (issue 42319)
    Internal API: Save Jenkins after calling setSecurityRealm or setAuthorizationStrategy. (pull 2790)
    Internal API: Annotate PermissionGroup#owner @Nonnull. (pull 2805)

What's new in 2.50 (2017-03-11)
180 sunny10 cloudy12 stormCommunity reported issues: 4JENKINS-42724 4JENKINS-42744 2JENKINS-123 1JENKINS-111 1JENKINS-42834 1JENKINS-4

    Allow searching by build parameter values in the Build History widget. (issue 40718)
    Searching in the Build History widget takes into account user preferences (case sensitivity by default). (pull 2683)
    When creating temporary files, use the jenkins prefix instead of the old hudson one. (pull 2778)
    Fix relative links in the SCM polling administrative monitor. (pull 2780)
    Update Remoting from 3.5 to 3.7 in order to prevent file descriptor leaks on agents in the case of multiple connection attempts. (full changelog)
    Upgrade the Windows Agent Installer module from 1.6 to 1.7. This change picks major updates in Windows service management logic. This fix caused a critical regression in the Windows Slaves Plugin (JENKINS-42724). Update to Windows Slaves 1.3.1 in order to get the fix applied. (full changelog, guide to upgrading old Windows service agents)
    Windows services: Upgrade the bundled Windows Service Wrapper from 1.18 to 2.0.2. (full changelog)
    Windows services: Enable Runaway Process Killer by default in new Agent and Master installations. (issue 39231)
    Windows services: Enable auto-upgrade of remoting on newly installed agents if they are connected by HTTPS. (issue 39237)
    Windows services: Add support of shared directories mapping in Windows agent services. (Shared Directory Mapper documentation)
    Windows services: Change the default Agent service display name prefix to Jenkins agent %ID%. (issue 42468)
    Windows services: Prevent agent connection reset issues when WinSW gets terminated due to the system shutdown. (issue 22692)
    Windows services: Integrate various stability and performance fixes in Windows Service Wrapper from 1.18 to 2.0.2. There are many fixes around configuration options and process termination. (full changelog)
    Prevent file descriptor leaks when Windows Service installer fails to read data from the service startup log. (issue 42670)
    Select controls in Jenkins Web UI now show the spinner icon while waiting for the list of possible options during AJAX. requests. (issue 42443)
    Improve plugin access performance in the default PluginManager implementation. (issue 42585)
    Internal API: Allow providing a custom task name in Run/Schedule UI via the AlternativeUiTextProvider extension. (issue 34522)
    Search results page did not correctly encode query parameters. (issue 42390)

What's new in 2.49 (2017-03-05)
341 sunny32 cloudy0 stormCommunity reported issues: 1JENKINS-200 1JENKINS-32986 1JENKINS-4162

    Do not attempt to find the next occurrence of an impossible date such as June 31st in validation of trigger schedules. (issue 41864)
    Remove invalid translations in Slovene (issue 41756)

What's new in 2.48 (2017-02-26)
114 sunny0 cloudy2 stormCommunity reported issues: 1JENKINS-42910 1JENKINS-43197

    Upgrade Apache Commons Collections to version 3.2.2. Note: Jenkins has been using a blacklist to prevent exploiting the serialization vulnerability in 3.2.1 since before 3.2.2 was released. (issue 31598)
    Use redirect URLs on instead of linking to wiki pages directly, allowing future reorganization of documentation without breaking links in Jenkins. (pull 2756)
    Fix performance issue in deduplication of lists of tool installers. (issue 42141)
    Use of the remote API to create items in views (/view/ćącreateItem) didn't actually add items to views since Jenkins 2.22. (issue 41128)
    Do not display a warning when an SCM trigger has no schedules (either to disable SCM post-commit hooks, or to enable them without polling). (issue 42194)
    Developer: Allow referencing radio buttons in f:validateButton validation methods. (pull 2734)

What's new in 2.47 (2017-02-19)
43 sunny1 cloudy3 stormCommunity reported issues: 3JENKINS-42189 1JENKINS-43197

    Update Groovy to 2.4.8 to address memory leak issue. Do not use this version if you are running Pipeline builds unless you also update Pipeline: Groovy to 2.28 or higher. (issue 33358, issue 42189)
    Windows service restart did not retain build queue. (issue 32820)
    Exceptions during Jenkins cleanup step should not block restart. (issue 42164)
    Upgrade remoting to version 3.5. (full changelog)
    Remoting 3.5: Remoting clients now accept lowercase (HTTP 2) headers sent by reverse proxies. (issue 40710)
    Remoting 3.5: Add option to specify the remoting protocol to use on the client. (issue 41730)
    Remoting 3.5: Stability improvements. (issue 41513, issue 41852)
    Developer: Snapshot builds of plugins that had dependencies on other snapshot builds were not having their version numbers compared correctly. (issue 41899)

What's new in 2.46 (2017/02/13)
69 sunny0 cloudy0 storm

    Failure to serialize a single Action could cause an entire REST export response to fail. Upgraded to Stapler 1.250 with a fix. (issue 40088)
    Do not fail to write a log file just because something deleted the parent directory. (issue 16634)
    Use extensible BUILD_NOW_TEXT for parameterized jobs. (issue 41457)
    Display an informative message, rather than a Groovy exception, when View#getItems fails. (issue 41825)
    Don't consider a project to be parameterized if no parameters are defined. (issue 37590)
    Don't add all group names as HTTP headers on "access denied" pages. (issue 39402)
    Ensure that PluginManager#dynamicLoad runs as SYSTEM. (issue 41684)
    Add Usage Statistics section to the global configuration to make it easier to find. (issue 32938)
    Allow groovy CLI command via SSH CLI. (issue 41765)

What's new in 2.45 (2017/02/06)
33 sunny0 cloudy0 storm

    Delete obsolete pinning UI. (issue 34065)
    Don't try to set Agent Port when it is enforced, breaking form submission. (issue 41511)
    Use project-specific validation URL for SCM Trigger, so H is handled correctly in preview. (issue 26977)
    Fix completely wrong Basque translation. (pull 2731)

What's new in 2.44 (2017/02/01)
35 sunny2 cloudy1 stormCommunity reported issues: 1JENKINS-1051

    Important security fixes (security advisory)

What's new in 2.43 (2017/01/29)
16 sunny1 cloudy0 storm

    Print stack traces in logical order, with the most important part on top. (pull 1485)

What's new in 2.42 (2017/01/22)
24 sunny0 cloudy0 storm

    IllegalStateException from Winstone when making certain requests with access logging enabled. (issue 37625)

What's new in 2.41 (2017/01/15)
22 sunny0 cloudy0 storm

    Restore option value for setting build result to unstable when loading shell and batch build steps from disk. (issue 40894)
    Autocomplete admin-only links in search suggestions only when admin. (issue 7874)
    Improve agent protocol descriptions. (issue 40700)
    Improve description for Enable Security option and administrative monitor when security is off. (issue 40813)
    Enable the JNLP4 agent protocol by default. (issue 40886)

What's new in 2.40 (2017/01/08)
43 sunny0 cloudy0 storm

    Support displaying of warnings from the Update Site in the Plugin Manager and in administrative monitors. (issue 40494, announcement blog post)
    Do not print warnings about undefined parameters when hudson.model.ParametersAction.keepUndefinedParameters property is set to false. (pull 2687)
    Increase the JENKINS_HOME disk space threshold from 1Gb to 10Gb left. The warning will be shown only if more than 90% of the disk is utilized. (issue 40749)
    Plugin Manager: Redirect back to the Advanced Tab when saving the Update Site URL. (pull 2703)
    Prevent the ClassNotFoundException: javax.servlet.ServletException error when invoking shell tasks on remote agents. (issue 40863)
    Jobs were hanging during process termination on the Solaris 11 Intel platform. (issue 40470, regression in 2.20)
    Fix handling of the POST flag in ManagementLinks within the Manage Jenkins page. (issue 38175)
    Require POST in the Reload from disk management link. (pull 2692)

What's new in 2.39 (2017/01/02)
18 sunny0 cloudy0 storm

    Properties were not passed to Maven command by Maven build step when the Inject Build Variables flag was not set. (issue 39268)
    Update remoting to 3.4 in order to properly terminate the channel in the case Errors and Exceptions. (issue 39835)
    Improved Polish and Catalan translations. (pull 2688 and pull 2686)

What's new in 2.38 (2016/12/25)
21 sunny0 cloudy0 storm

    Update to Winstone 3.2 to support ad-hoc certificate generation on Java 8 (using unsupported APIs). This option is deprecated and will be removed in a future release. We strongly recommend you create self-signed certificates yourself and use --httpsKeyStore and related options instead. (issue 25333)
    The install-plugin CLI command now correctly installs plugins when multiple file arguments are specified. (issue 32358)
    Correctly state that Jenkins will refuse to load plugins whose dependencies are not satisfied in plugin manager. (issue 40666)

What's new in 2.37 (2016/12/18)
27 sunny4 cloudy0 storm

    Allow defining agent ping interval and ping timeout in seconds. It can be done via the hudson.slaves.ChannelPinger.pingIntervalSeconds and hudson.slaves.ChannelPinger.pingTimeoutSeconds system properties. (issue 28245)
    Delegate JNLP HMAC computation to SlaveComputer instances when possible. (issue 40286)
    Diagnosability: Split Exception handling of node provision and adding to Jenkins. (issue 38903)
    Do not report -noCertificateCheck warning to STDOUT. (pull 2666)
    Improve overall performance of Jenkins by accessing item group elements without sorting where it is possible. (pull 2665)
    Convert URI encoding check on the Manage Jenkins page into admin monitor. (issue 39433)
    Update SSHD Core from 0.8.0 to 0.14.0. (pull 2662)
    SSHD Module: Handshake was failing (wrong shared secret) 1 out of 256 times due to SSHD-330. (issue 40362)
    View display name was ignored during rendering of tabs. (issue 39300)
    Job configuration submission now does not fail when there is no parameters property. (issue 39700, regression in 1.637)
    Fix names of item loading and cleanup Jenkins initialization stages. (issue 40489)
    Performance: Use bulk change when submitting Job configurations to minimize the number of sequential config.xml write operations. (issue 40435)
    Check for Updates button in the Plugin Manager was hidden in the Updates tab when there was no plugins updates available. (issue 39971)
    Remoting 3.3: Agent JAR cache corruption was causing malfunctioning of agents. (issue 39547)
    Remoting 3.3: Improve diagnostics of the preliminary FifoBuffer termination in the JNLP2 protocol. (issue 40491)
    Remoting 3.3: Hardening of FifoBuffer operation logic. The change improves the original fix of JENKINS-25218. (remoting pull #100)
    Remoting 3.3: ProxyException now retains info about suppressed exceptions when serializing over the channel. (remoting pull #136)
    API: Introduce the new Jenkins#isSubjectToMandatoryReadPermissionCheck(String restOfPath) method for checking access permissions to particular paths. (issue 32797)
    API: Introduce new Node#getNodeProperty() methods for retrieving node properties. (issue 40365)
    API: Introduce new Items#allItems() methods for accessing items in item groups without sorting overhead. (issue 40252)
    Improved Polish translation. (pull 2643)

What's new in 2.36 (2016/12/11)
31 sunny0 cloudy0 storm

    Several badges were missing in builds flagged as KeepBuildForever. (issue 40281, regression in 2.34)
    Retain cause of blockage if the Queue task cannot be taken due to the decision of QueueTaskDispatcher extension, NodeProperty and other extensions. (issue 38514)
    Internal API: Allow overriding UserProperty.setUser(User). (issue 40266)
    Internal API: Restrict usage of core localization message classes in plugins. These message classes are not guaranteed to be binary compatible. (pull 2656)

What's new in 2.35 (2016/12/04)
47 sunny1 cloudy0 stormCommunity reported issues: 1JENKINS-40281

    Add display name and full display name of items to the remote API. (issue 39972)
    API: Allow specifying log level in SystemProperties when a System property is undefined. (pull 2646)
    Followup fix for JENKINS-23271 in 2.34 addressing plugin implementations not using ProcStarter. (pull 2653)

What's new in 2.34 (2016/11/27)
19 sunny0 cloudy3 stormCommunity reported issues: 2JENKINS-40092 1JENKINS-34604

    Improve performance of Action retrieval methods. It speeds up core and plugin logic operating with Actionable objects like items, folders, nodes, etc. (issue 38867)
    Update the SSHD module from 1.7 to 1.8. The change disables obsolete Ciphers: AES128CBC, TripleDESCBC, and BlowfishCBC. (issue 39805)
    Update the Windows process management library (WinP) from 1.22 to 1.24. Full changelog is available here, only major issues are mentioned below. (pull 2619)
    WinP 1.24: Native class now tries loading DLLs from the temporary location. (issue 20913)
    WinP 1.24: WinP sometimes kills wrong processes when using killRecursive(). It was likely impacting process termination on Windows agents and sometimes leading to BSoD. (issue 24453, WinP Issue #22)

What's new in 2.33 (2016/11/20)
49 sunny1 cloudy4 stormCommunity reported issues: 1JENKINS-34604 1JENKINS-40092 1JENKINS-39554

    Reduce size of Jenkins WAR file by not storing identical copies of remoting.jar/slave.jar there. (pull 2633)
    Prevent early deallocation of process references by Garbage Collector when starting a remote process. It was sometimes causing build failures with messages like FATAL: Invalid object ID 184 iuota=187 and java.lang.Exception: Object was recently deallocated. (issue 23271)
    Make handling of internalization resource bundle names compliant with W3C standards. (issue 39034)
    Redirect to login page in the case of authorisation error when checking connectivity to the Update Center. (issue 39741)
    Remove the obsolete hudson.showWindowsServiceInstallLink property from the slave-agent.jnlp file. It was causing harmless security warnings in Java web start. (issue 39883)
    Improved Polish translation. (pull 2640)

What's new in 2.32 (2016/11/16)
37 sunny0 cloudy0 storm

    Important security fixes (security advisory)
    Allow disabling the Jenkins CLI over HTTP and JNLP agent port by setting the System property jenkins.CLI.disabled to true.

What's new in 2.31 (2016/11/13)
19 sunny0 cloudy0 storm

    Performance: Improve responsiveness of Jenkins web UI on mobile devices. (issue 39172, continuation of the patch in 2.28)
    It was not possible to connect Jenkins agents via Java Web Start due to the issue in Remoting 3.0. Upgraded to Remoting 3.1 with a fix. (issue 39596, regression in 2.26)
    Prevent NullPointerException when rendering CauseOfInterruption.UserInterruption in build summary pages for non-existent users. (issue 38721 and issue 37282, regression in 2.14)
    Reduce logging level when the localization resource is missing ResourceBundleUtil#getBundle(). (issue 39604)
    ExtensionList.removeAll was not unimplemented in Jenkins extension management API. It was causing issues during dynamic loading of GitHub and BitBucket branch source plugins on the same instance. (issue 39520)
    Remoting 3.1: hudson.remoting.Engine (mostly Java Web Start) was failing to establish connection if one of the URLs in urls parameter was malformed. (issue 39617)
    Remoting 3.1: Add method for dumping diagnostics across all the channels (e.g. in the Support Core Plugin). (issue 39150)
    Remoting 3.1: Improve the caller/callee correlation diagnostics in thread dumps. (issue 39543)
    Remoting 3.1: Add the org.jenkinsci.remoting.nio.NioChannelHub.disabled flag for disabling NIO, mostly for debugging purposes. (issue 39290)
    Remoting 3.1: Add extra logging to help diagnosing IOHub concurrent thread number spikes. (issue 38692)
    Remoting 3.1: When a proxy fails, report what caused the channel to go down. (issue 39289)
    Improved Polish translation. (pull 2631)

What's new in 2.30 (2016/11/07)
39 sunny2 cloudy1 stormCommunity reported issues: 3JENKINS-39596

    Adjust incompatible Actionable initialization changes made for issue 39404). It caused massive regressions in plugins like Jenkins Pipeline. (issue 39555, regression in 2.29)
    Integration of Stapler 1.246 caused regressions in plugins depending on Ruby Runtime Plugin. Upgraded to Stapler 1.248 with a fix. (issue 39414, regression in 2.28)
    Custom remoting enable/disable settings were not properly persisted on the disk and then reloaded. If the option has been configured in Jenkins starting from 2.16, a reconfiguration may be required. (issue 39465)

What's new in 2.29 (2016/11/06)
6 sunny1 cloudy10 stormCommunity reported issues: 7JENKINS-39555 3JENKINS-39414 1JENKINS-39465

Warning! This release is not recommended for use due to issue 39555 and issue 39414. We are working on the out-of-order release (discussion).

    Performance: Optimize log retrieval logic for large log files. (issue 39535)
    Integration of Stapler 1.246 caused regressions in plugins depending on Ruby Runtime Plugin. Upgraded to Stapler 1.247 with a partial fix. (issue 39414, partial fix)
    Jenkins startup does not fail if one of ComputerListeners throws exception in the onOnline() handler. (issue 38487)
    Queue: Do not consider pending tasks from the internal scheduling logic when looking for duplicate tasks. It was causing race conditions in Jenkins Pipeline. (issue 39454)
    Internal: Modify the Actionable API to provide methods to assist with manipulation of persisted actions. (issue 39404)
    Internal: Jelly attribute documentation now supports the since tag. (Stapler pull #84)

What's new in 2.28 (2016/10/30)
24 sunny1 cloudy8 stormCommunity reported issues: 3JENKINS-39414 2JENKINS-39232 1JENKINS-11053 1JENKINS-39465

    Performance: Improve responsiveness of Jenkins web UI on mobile devices. (issue 39172)
    Print warnings if none of Tool Installers can be used during the tool installation. (issue 26940)
    Update the minimal required versions of the detached Maven Project plugin from 2.7.1 to 2.14. Changelog is available here. (pull 2606)
    Update the minimal required versions of the detached JUnit plugin from 1.2-beta-4 to 1.6. Changelog is available here. (pull 2606))
    Relax requirements of the JNLP connection receiver, which was rejections connections from agents not using JNLPComputerLauncher (e.g. from Slave Setup, vSphere Cloud and other plugins). No the connection is accepted from launchers implementing other proxying and filtering Launcher implementations. Particular plugins may require setting up the jenkins.slaves.DefaultJnlpSlaveReceiver.disableStrictVerification system property in the master JVM to allow connecting agents. (issue 39232, regression in 2.28)
    Prevent resource leak in hudson.XmlFile#readRaw() in the case of encoding issues. (issue 39363)
    Prevented endless loop in LargeText.BufferSession.skip(), which was causing hanging of Pipeline jobs in corner cases. (issue 37664)
    Internal: Upgrade Stapler library from 1.243 to 1.246 with fixes required for the Blue Ocean project. More details are coming soon. Raw changes are listed here. (pull 2593)
    Internal: Start defining APIs that are for the master JVM only. (issue 38370)
    Internal: Update Guice dependency from 4.0-beta to 4.0. This change required upgrade of detached plugins (see above). (pull 2568)

What's new in 2.27 (2016/10/23)
22 sunny0 cloudy6 stormCommunity reported issues: 4JENKINS-39232

    Upgrade to the Remoting 3 baseline. Compatibility notes are available here. (issue 37564)
    Remoting 3.0: New JNLP4-connect protocol, which improves performance and stability compared to the JNLP3-connect protocol. (issue 36871)
    Remoting 3.0: Agents using slave.jar now explicitly require Java 7. (issue 37565)
    Prevent deadlocks during modification of node executor numbers (e.g. during deletion of nodes). (issue 31768)
    Add missing internationalization support to ResourceBundleUtil. It fixes internationalization in Blue Ocean and Jenkins Design Language. (issue 35845)
    Internal: Make the code more compatible with Java 9 requirements and allow its editing in newest NetBeans versions with NB bug 268452. (pull 2595)
    Internal: Icon handling API for items. Deprecate TopLevelItemDescriptor#getIconFilePathPattern() and switch to IconSpec. (issue 38960)

What's new in 2.26 (2016/10/17)
18 sunny0 cloudy5 storm

    Allow CommandInterpreter build steps to set a build result as Unstable via the return code. Shell and Batch build steps now support this feature. (issue 23786)
    Performance: Avoid acquiring locks in MaskingClassloader. (issue 23784)
    Performance: Update XStream driver to improve performance of XML serialization/deserialization. (pull 2561)
    Harden checks of prohibited names in user creation logic. Untrimmed spaces and different letter cases are being checked now. (issue 35967)
    Performance: Fix the performance of file compress/uncompress operations over the remoting channel. (issue 38640, issue 38814)
    Restore automatic line wrapping in Build Step text boxes with syntax highlighting. (issue 27367)
    Properly remove disabled Administrative Monitors from the extension list. (issue 38678)
    Remoting 2.62.2: Improve connection stability by turning on Socket Keep-alive by default. Keep-alive can be disabled via the -noKeepAlive option. (issue 38539)
    Remoting 2.62.2: Prevent NullPointerException in Engine#connect() when host or port parameters are null or empty. (issue 37539)
    Node build history page was hammering the performance of the Jenkins instance by spawning parallel heavy requests. Now the information is being loaded sequentially. (issue 23244)
    Cleanup spelling in CLI help and error messages. (issue 38650)
    Properly handle quotes and other special symbols in item names during form validation. (issue 31871)
    Internal: Invoke hpi:record-core-location during the build in order to enabled coordinated run across repositories. (pull 1894)
    Internal: Bulk cleanup of @since definitions in Javadoc. (pull 2578)

Revision 1.19 / (download) - annotate - [select for diffs], Thu Oct 13 09:35:11 2016 UTC (2 years, 3 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.18: +5 -5 lines
Diff to previous 1.18 (colored)

Update devel/jenkins to 2.25.

Based on a PR by Jussi Sallinen. Switch to the weekly release
branch and prepare to share framework with devel/jenkins-lts.

Upstream changelog follows (LTS backports up to 2.7.4 excluded).

What's new in 2.25 (2016/10/09)
- Display transient actions for labels.
- Add user to restart log message for restart after plugin
- Internal: Code modernization: Use try-with-resources a lot more

What's new in 2.24 (2016/10/02)
- Show notification with popup on most pages when administrative
  monitors are active.
- Allow disabling/enabling administrative monitors on Configure
  Jenkins form.
- Ensure exception stacktrace is shown when there's a
- Add new jenkins.model.Jenkins.slaveAgentPortEnforce system
  property, which prevents slave agent port modification via
  Jenkins Web UI and form submissions.
- Indicate hovered table row on striped tables.
- Decrease connection timeout when changing the JNLP agent port
  via Groovy system scripts.
- Added Serbian locatization.
- Exclude /cli URL from CSRF protection crumb requirement, making
  the CLI work with CSRF protection enabled and JNLP port
- Prevent instatination of jenkins.model.Jenkins on agents in the
  ProcessKillingVeto extension point.
- Fix handling of the jenkins.model.Jenkins.slaveAgentPort system
  property, which was not honored.
- CLI: Disable the channel message chunking by default. Prevents
  connection issues like invalid
  stream header: 0A0A0A0A.
- CLI: Connection over HTTP was not working correctly.

What's new in 2.23 (2016/09/18)
- Fix JS/browser memory leak on Jenkins dashboard.
- Build history was not properly updating via AJAX.
- Properly enable submit button on New Item page when choosing
  item type first.

What's new in 2.22 (2016/09/11)
- Change symbol and constructor for SCMTrigger to pollScm to make
  it usable in Pipeline scripts.
- Prompt user whether to add the job to the current view.
- Update to sshd module 1.7, allowing definition of client idle
- Update to sezpoz 1.12 with better diagnostics.
- Fix NullPointerException when descriptor is not in
- Use the correct 'gear' icon for Manage Jenkins in Plugin

What's new in 2.21 (2016/09/04)
- Ask for confirmation before canceling/aborting runs.
- Add newline after the text in userContent/readme.txt.
- Fixed the missing icon in the System Script console.
- Print warnings to system logs and administrative monitors when
  Jenkins initializarion does not reach the final milestone.
- Developer API: UpdateSite#getJsonSignatureValidator() can be now
  overriden and used in plugins.

What's new in 2.20 (2016/08/28)
- Make Cloud.PROVISION permission independent from
- Allow the use of custom JSON signature validator for Update Site
  metadata signature checks.
- Do not process null CRON specifications in build triggers.
- Setup wizard now checks if the restart is supported on the
  system before displaying the restart button.
- Test Windows junctions before Java 7 symlink in symbolic link
- Fixed background color in the ComboBoxList element in order to
  make options visible.
- Fixed editing default view description with automatic refresh.
  System message is not being displayed instead of the view
- Fixed process tree management logic on Solaris with 64-bit JVMs.

What's new in 2.19 (2016/08/21)
- Prevent resource leaks in AntClassLoader being used in the core.
- Fix the wrong message about empty field in the case duplicate
  item name in the New Item dialog.
- Allow invoking Upgrade Wizard when Jenkins starts up. It can be
  done by placing an empty
  jenkins.install.InstallUtil.lastExecVersion file in JENKINS_HOME.
- Replace repetitious "website" and "dependencies" text in the
  Setup Wizard by icons.
- Expose Job name to system logs when Jenkins fails to create a
  new build with IllegalStateException.
- Downgrade Queue#maintain() message for dead executors during
  task mapping from INFO to FINE.

What's new in 2.18 (2016/08/15)
- Better diagnostics and robustness against old ChangeLogAnnotator
  API usage in plugins. Enhances JENKINS-23365 fix in 1.569.
- Prevent open file leak when the agent channel onClose() listener
  writes to the already closed log.
- Massive cleanup of issues reported by FindBugs. User-visible
  issues - wrong log message formatting bugs in the Update Center
  and user creation logic.
- Remoting 2.61: JNLP Slave connection issue with JNLP3-connect
  when the generated encrypted cookie contains a newline symbols.
- Remoting 2.61: Retry loading classes when remote classloader
  gets interrupted.
- Remoting 2.61: Improve diagnostics of Local Jar Cache write
- Remoting 2.62: Be robust against the delayed EOF command when
  unexporting input and output streams.
- Remoting 2.62: Cleanup of minor issues discovered by FindBugs.
- Remoting 2.62: Improve class filtering performance in remote
- Remoting 2.62: TCP agent connection listener now publishes a
  list of supported agent protocols to speed up the connection
- Improve German, Lithuanian and Bulgarian translations.

What's new in 2.17 (2016/08/05)
- Don't load all builds to display the paginated build history
- Add dagnostic HTTP response to TCP agent listener.
- Internal: Invoke FindBugs during core build.

What's new in 2.16 (2016/07/31)
- Fix plugin dependency resolution. Jenkins will now refuse to
  load plugins with unsatisfied dependencies, which resulted in
  difficult to diagnose problems. This may result in errors on
  startup if your instance has an invalid plugin configuration,
  check the Jenkins log for details.
- Decouple bouncycastle libraries from Jenkins into
  bouncycastle-api plugin.
- Upgrade to instance-identity module 2.1.
- Hide the Java Web Start launcher when the TCP agent port is
- Allow admins to control the enabled agent protocols on their
  instance from the global security settings screen.
- Display delete button only when build is not locked.
- Use build start times instead of build scheduled times in build
  timeline widget.
- Internal: Move CLI commands wait-node-online/wait-node-offline
  from core to CLI module.
- Internal: Allow accessing instance identity from core.
- Internal: Fix the default value handling of

What's new in 2.15 (2016/07/24)
- Tell browsers not to cache or try to autocomplete forms in
  Jenkins to prevent problems due to invalid data in form
  submissions. From now on, only select form fields (e.g. job name)
  will offer autocompletion.
- Prevent null pointer exceptions when not entering a cron spec
  for a trigger.
- Defend against some fatal startup errors.
- Use the icon specified by the computer implementation on its
  overview page.
- Internal: Extract the CLI command offline-node from core.

What's new in 2.14 (2016/07/17)
- Minor optimization in calculation of recent build stability
  health report.
- When a user aborts the build, this user may be restored after
  its deletion.
- Prevent potential NullPointerException in the
  BlockedBecauseOfBuildInProgress build blockage cause
- CLI commands quiet-down and cancel-quiet-down were extracted
  from the core to CLI.
- Developer API: Extract listing of computer names to the
  ComputerSet#getComputerNames() method.
- Developer API: Add a try with resources form of impersonation.
- Developer API: Usage of ItemCategory#MIN_TOSHOW in external
  plugins is now restricted.

What's new in 2.13 (2016/07/10)
- Eliminate "dead executor" UI appearing after certain errors,
  such as JENKINS-27530.
- Make setup wizard installation panel usable on small screens.

What's new in 2.12 (2016/07/05)
- Enable the DescriptorVisibilityFilters for ComputerLauncher,
  RetentionStrategy and NodeProperty.
- Before starting a process, ensure that its working directory
- Prevent NullPointerException during SCM polling if
  SCMDecisionHandler returns null veto.
- Fix optional plugin dependency version resolution.
- When creating a tar file, ensure that the final size does not
  exceed the value in header in the case of growing files.
- Do not inject build variables into Maven process by default for
  new projects.
- Update BUILD_TAG environment variable description to mention the
  replacement of slashes with dashes.
- Internal API: Make BulkChange auto-closeable.

What's new in 2.11 (2016/06/26)
- Provide an extension point for SCM decisions such as whether to
  poll a specific job's backing repository for changes.

What's new in 2.10 (2016/06/19)
- Better exception message if a SecurityRealm returns null when
  loading a user.
- Prevent NullPointerException in user registration if user ID is
  not specified.
- Internal: It was impossible to build Jenkins on 32-bit Linux

What's new in 2.9 (2016/06/13)
- Remoting 2.60: Do not invoke PingFailureAnalyzer for
  agent=>master ping failures.
- API: Allow delegating TaskListener creation to build agent

Revision 1.18 / (download) - annotate - [select for diffs], Fri Sep 30 15:13:14 2016 UTC (2 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.17: +5 -5 lines
Diff to previous 1.17 (colored)

Update devel/jenkins to 2.7.4 (LTS)

Jenkins 2 is a drop-in replacement of the Jenkins 1.x series of
releases and fully backward compatible.

2.7.4 (2016-09-08)

- Prevent File descriptor leaks when reading plugin manifests. It
  causes failures during the upgrade of detached plugins on

2.7.3 (2016/08/31)

- Stop A/B testing of the remoting JNLP3 protocol due to the known
  issues. The protocol can be enabled manually via the
  jenkins.slaves.JnlpSlaveAgentProtocol3.enabled system property.
- When checking Update Center, append ?uctest parameter to HTTP
  and HTTPS URLs only.
- Ensure that detached plugins are always at least their minimum
- Remove trailing space from Hudson.DisplayName in Spanish, which
  resulted in problems with Blue Ocean.
- Make sure that the All view is created.
- Incorrect formatting of messages in the Update Center and Setup
- Underprivileged users were unable to use the default value of a
  password parameter.
- Properly handle exceptions during global configuration form
  submissions when SCM Retry Count field is empty.
- Do not allow disabled project to be triggered remotely.
- Ensure that SCMDescriptor.newInstance overrides are honored when
  creating new SCM entries.
- Add a cache for user information to fix performance regression
  due to SECURITY-243.
- Performance: Disable AutoBrowserHolder by default to improve the
  changelog rendering performance.
- Honor non-default update sites in setup wizard.

2.7.2 (2016/08/03)

- Always send usage statistics over HTTPs to the new hostname.
- Fix issues in file management in hudson.remoting.Launcher (main
  executable class).
- Remoting 2.60: Fix potential file handle leaks during the build
  agent (FKA slave) startup. issue 35190)
- Remoting 2.60: Proper handling of the no_proxy environment
- Performance: Improve configuration page load times by removing
  the CodeMirror reloading cycle.
- Remoting 2.60: hudson.Remoting.Engine#waitForServerToBack now
  uses credentials for connection.
- IllegalStateException under certain conditions when reloading
  configuration from disk while jobs are in the queue.
- Allow keeping builds forever with custom build retention
- Remoting 2.60: Make the channel reader tolerant against Socket

2.7.1 (2016/07/06)

Changes from 2.7:
- Installation Wizard: Do not offer creating new admin user if the
  security is preconfigured.
- API: Make it easier for UpdateSites to tweak the
- Fix the repeatable item delete button layout in Safari.
  Addresses Build Steps and other such configuration items.
- Prevent NullPointerException on startup after update from
  Jenkins 2.5.
- Explicitly declare compatibility of Windows build agent service
  with .NET Framework 4.
- Honor noProxy settings from "Manage Jenkins > Manage Plugins >
- API: Restrict external usages of
- Internal: Upgrade Groovy to 2.4.7 to finalize the fix in Jenkins

Notable changes since 1.651.3:
- More detailed information about the new features in Jenkins 2 on
  the overview page. Note that AJP support has been removed, if
  your service script enables it, Jenkins will fail to start.
- New password-protected setup wizard shown on first run to guide
  users through installation of popular plugins and setting up an
  admin user.
- Plugin bundling overhaul: Bundled plugins are only installed if
  necessary when upgrading, all plugins can be uninstalled.
- Redesigned job configuration form makes it easier to understand
  the option hierarchy, and to navigate the form.
- Richer 'Create Item' form with job icons and job categories
  (once a threshold of three categories has been reached).
- Support encrypted communication between master and JNLP slaves.
- Enable disabled dependencies during plugin installations.
- Force ordering between GPG and jarsigner to ensure correct GPG
- Secured Jenkins installations didn't properly save the queue on
- Upgrade wizard encourages installation of Pipeline related
  plugins when upgrading from 1.x.
- Jenkins now requires Servlet 3.1. Upgraded embedded
  Winstone-Jetty to Jetty 9 accordingly. This removes AJP support
  when using the embedded Winstone-Jetty container.
- Bundled Groovy updated from 1.8.9 to 2.4.7.
- Moved tools configuration from Configure Jenkins to separate
- Added option to prohibit anonymous access to security realm
  "Logged in users can do anything", enable by default.
- Renamed 'slave' to 'agent' on the UI.
- Improvements to inline documentation of numerous form fields in
  Jenkins global and job configuration.
- Change default CSRF protection crumb name to Jenkins-Crumb for
  nginx compatibility.
- Add symbol annotations on core.
- Workaround for unpredictable Windows file locking.
- Remove the historical initialization of CVS changelog parser for
  jobs without explicit SCM definition. Warning! This change may
  potentially cause a regression if a Jenkins plugin depends on
  this default behavior and injects changelogs without SCM.
- Add the JOB_BASE_NAME environment variable to builds (job name
  without path).
- Allow overriding Jenkins UpdateCenter by a custom
- Allow overriding Jenkins PluginManager by a custom
- Allow setting of properties from context.xml and web.xml in
  addition to setting system properties from the command line.
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Make ToolInstallers to follow HTTP 30x redirects.
- Disable JSESSIONID in URLs when running in the JBoss web
  container. It prevents Error 404 due to invalid links starting
  from Jenkins 1.556. More info: WFLY-4782
- Allow starting non-AbstractProject (e.g. Pipeline) jobs from
- Plugin Manager was building incorrect list of bundled plugins
  for nested dependencies.
- Developer API: Add WorkspaceList.tempDir(...).
- Developer API: Allow putting @Initializer annotations on
  instance methods.
- Developer API: Allow specifying custom AbortExceptions.

1.651.3 (2016/06/08)

- Cannot enable disabled dependencies.
- Listed Parameters should reflect what was used when the build
- Installation Wizard: SEVERE errors in logs, enabling of the
  enabled plugin.
- Check Updates PeriodicWork dies horribly in the case of invalid
- RSS ID duplication for items with same name in different
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)

1.651.2 (2016/05/11)

- Important security fixes
- Update remoting to 2.57.
- Pipeline runs not reliably started after restart when using
  Build after other projects are built.
- Prevent badges in build history sidepanel widget from
  overlapping page contents.
- Do not hardcode .bat extension for Maven on Windows.
- Don't store redundant build causes, make list of build causes
- Make context meny link Delete Project work with CSRF protection

1.651.1 (2016/04/14)

Changes from 1.651:
- Honor the option to opt out of usage statistics submission.
- Plugin filters were failing to be removed and blocking restart.
- Do not fail update center check if there are no tool installers
- Fix argument masking for sensitive build variables on Windows.
- Under some conditions Jenkins startup could fail because of
  incorrectly linked extensions; now recovering more gracefully.
- Multiple bug fixes related to shutdown sequence.

Notable changes since 1.642.3:
- Move periodic task log files from JENKINS_HOME/*.log to
  JENKINS_HOME/logs/tasks/*.log and rotate them periodically
  rather than overwrite every execution.
- Allow changing the directory used for the extraction of plugin
  archives via the --pluginroot CLI option (also controllable via
  the hudson.PluginManager.workDir system property / context
  parameter. Also document the --webroot CLI parameter in java
  -jar jenkins.war --help
- Unify CLI exit code semantics.
- Add time zone to generation date in footer in most locales.
- The Windows service wrapper now specifies the --webroot argument
  to extract the war file into %BASE%.
- Allow retrying core update when the first attempt failed.
- Allow specifying the default TCP slave agent listener port via
  system property.
- Fix documentation of proxy configuration.
- Retrieve tool installer metadata from all update sites.
- Fields on the parameters page are no longer aligned at the
- Cleanup of CLI error handling and return codes.
- Boot failure hook script did not work,
  WebAppMain.contextDestroyed produces weird errors.
- ArrayIndexOutOfBoundsException when parsing range set.
- Generate new instance identity file when the existing one is
  found to be corrupt.
- Developer: The official parent POM for plugins is now hosted in
  the plugin-pom repository, starting with version 2.0.
- API changes: Add a reusable implementation of IdleOfflineCause
- Developer: Split test harness into separate artifact.
- Developer: Pass $it to contents of dropdownDescriptorSelector.

1.642.4 (2016/03/31)

- Honor the option to opt out of usage statistics submission.

1.642.3 (2016/03/16)

- Fields on the parameters page are no longer aligned at the
- Under some conditions a build record could be loaded twice,
  leading to erratic behavior.

1.642.2 (2016/02/24)

- Important security fixes
- Don't submit usage statistics while Jenkins hasn't finished
- Performance regression when setting JDK installations.
- Renaming a node over another was possible and destroys both
- A CloudProvisioningListener can prevent provisioning of all
  clouds instead of just the targeted cloud.
- GroovyHookScript needs Jenkins to be initialized but should not
  (for e.g. boot failure script).
- Don't show "termination trace" as warning in the log as
  it's not necessarily an error condition.

1.642.1 (2016/01/20)

- No changes compared to 1.642

Revision 1.17 / (download) - annotate - [select for diffs], Thu Dec 17 20:20:30 2015 UTC (3 years, 1 month ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.16: +5 -5 lines
Diff to previous 1.16 (colored)

Update to Jenkins 1.642.

Changes in 1.642 (2015/12/13)

- Various kinds of settings could not be saved since 1.640.
  (issue 31954)

Changes in 1.641 (2015/12/09)

- Important security fixes (CVE-2015-7536, CVE-2015-7537,
  CVE-2015-7538, CVE-2015-7539)

Changes in 1.640 (2015/12/07)

- Added support of default values in the enum.jelly form
  element. (PR 1926)
- Bytecode Compatibility Transformer computes the common super
  class without loading classes. Fixes the ClassCircularityError
  exception in Ruby Runtime Plugin. (issue 31019)
- Extended Choice parameter definitions could not be saved since 1.637.
  (issue 31458)
- Display expected CRON run times even if a warning occurs.
  (issue 29059)
- Rework the online-node command implementation, no functional
  changes. (issue 31776)
- Fix the footer behavior in particular cases. (issue 30304,
  issue 31395)
- API changes: Deprecate subclassing of hudson.Plugin. (PR 1940)

Changes in 1.639 (2015/11/29)

- "Discard old builds" setting would be lost if resaving job
  configuration as of 1.637 without rechecking the box. (issue 31518)
- "Form too large" errors from Jetty when submitting massive
  forms. (issue 20327)
- Multiple workspace browser features broken on Windows masters
  since 1.634. (issue 31015)

Changes in 1.638 (2015/11/11)

- Important security fixes (CVE-2015-5317, CVE-2015-5318,
  CVE-2015-5319, CVE-2015-5320, CVE-2015-5324, CVE-2015-5321,
  CVE-2015-5322, CVE-2015-5323, CVE-2015-5325, CVE-2015-5326,

Changes in 1.637 (2015/11/08)

- Remove useless warnings about a JDK named null. (issue 31217)
- New OptionalJobProperty class to simplify JobProperty
  creation. (pull 1888)

Changes in 1.636 (2015/11/01)

- Add "lastCompletedBuild" job permalink. (issue 26270)

Changes in 1.635 (2015/10/25)

- Make Node implement Saveable. (issue 31055)
- Revert trigger optimizations made in 1.621 by PR 1617.
  (issue 30745)
- Delegate CLI's delete-node command to the overridable
  Computer.doDoDelete() method. Fixes the issue in OpenStack and
  JClouds plugins. (issue 31098, regression in 1.618)
- Prevent autocorrect of username on mobile devices in login
  forms. (PR 1531)
- Describe the built-in JDK as "(System)". (issue 755)
- Update JNA library to 4.2.1 in order to integrate fixes for
  linux-ppc64 and linux-arm platforms. (issue 15792)

Changes in 1.634 (2015/10/18)

- Fix order of builds in new builds history widget introduced
  in 1.633. (issue 30899)
- Bytecode Compatibility Transformer would fail to transform
  some classes resulting in ClassNotFoundException. (issue 30820)
- Prevent ClassCastException in AbstractBuild::reportError() if
  the build step is not Publisher. (issue 30730)
- Trim job names during the rename operation (it is impossible
  to delete or rename jobs with trailing spaces). (issue 30502)
- Add "graphBg" and "plothBg" background color options to plot
  URLs (PR 1769)
- API changes: Add get method for causes of interruption in
  hudson.model.Executor (PR 1712)
- Allow case insensitive file patterns in Artifacts Archiving.
  (issue 5253)
- Prevent NullPointerException while estimating duration of
  Queue executable items. (issue 30456)
- Fix the resolution of Windows symbolic links in
  SecretRewriter. (issue 30456)
- Let a combobox display its drop-down when focused, so users
  can see candidates without entering a letter. (issue 26278)

Changes in 1.633 (2015/10/11)

- Added safari pinned tab icon.
- Plugin Manager UI changes to prevent users from
  enabling/disabling/uninstalling plugins at the "wrong" time.
  (issue 23150)
- bytecode-compatibility-transformer produces malformed
  bytecode. (issue 28781)
- Properly handle RuntimeExceptions in run retention policy
  handler calls. (issue 29888)
- Prevent NullPointerException in CLI if Jenkins cannot find the
  specified job or a job with the nearest name. (issue 30742)
- Do not show REST API link for pages, which have no API
  handlers. (issue 29014)
- JS alert preventing to leave a configuration page without
  changes. (issue 21720)
- JS error triggered by collapsing build history widget. (issue 30569)
- Build history pagination and search. (issue 26445)

Changes in 1.632 (2015/10/05)

- Optimize TagCloud size calculation. (issue 30705)
- FlyWeightTasks tied to a label will not cause node
  provisioning and will be blocked forever. (issue 30084)
- Prevent NullPointerException for disabled builds in
  ReverseBuildTrigger. (issue 29876)
- ConsoleLogFilter wasn't truly global (issue 30777)
- API changes: hudson.Util.isOverridden() now supports protected
  methods. (issue 30002)
- Sidepanel controls with confirmation (lib/layout/task) did not
  assign the proper CSS style. (issue 30787)

Changes in 1.631 (2015/09/27)

- Add proper labels for plugin categories assigned to some
  plugins. (PR 1758)

Changes in 1.630 (2015/09/20)

- Make JenkinsRule useable on systems which don't support JNA
  (issue 29507)

Changes in 1.629 (2015/09/15)

- Old data monitor made Jenkins single-threaded for all saves.
  (issue 30139)

Changes in 1.628 (2015/09/06)

- Replaced all non java.util.logging logging libraries with
  slf4j interceptors. (PR 1816)
- Document allBuilds subtree in remote API for jobs. (PR 1817)

Changes in 1.627 (2015/08/30)

- Race condition in triggers could cause various
  NullPointerExceptions. (issue 29790)
- Archiving of large artifacts. Tar implementation cannot handle
  files having a size >8GB. (issue 10629)
- Allow plugins to augment or replace the plugin manager UI. (PR 1788)

Changes in 1.626 (2015/08/23)

- RunIdMigrator fails to revert Matrix and Maven jobs. (issue 29989)
- Fix error message "Failed to listen to incoming slave connection"
  after fixing port through init.groovy.d. (issue 29798)

Changes in 1.625 (2015/08/17)

- Fixed a deadlock between the old data monitor and
  authorization strategies. (issue 29936)
- Allow rejecting configurations with errors in critical fields
  via REST / CLI. (issue 28440)
- Do not display No changes if changelog is still being computed.
  (issue 2327)

Changes in 1.624 (2015/08/09)

- Allow more job types to use a custom "Build Now" text. (issue 26147)

Changes in 1.623 (2015/08/02)

- No notable changes in this release.

Changes in 1.622 (2015/07/27)

- Jenkins now support self-restart and daemonization in FreeBSD
  (PR 1770)
- Node provisioner may fail to correctly indicate that
  provisioning was finished. (issue 29568)

Changes in 1.621 (2015/07/19)

- Sort by 'Free Disk Space' is incorrect. (issue 29286)
- Label expression help is missing in recent Jenkins versions.
  (issue 29376)
- Pre-emptively break memory cycles causing excessive live-set
  retention in remoting layer. (issue 28844)
- Don't run trigger for disabled/copied projects. (PR 1617)

Changes in 1.620 (2015/07/12)

- Display system info even when slave is temporarily offline.
  (issue 29300)

Changes in 1.619 (2015/07/05)

- Update auto-installer metadata for newly installed plugins.
  (issue 27694)
- Allow plugins to veto process killing. (issue 9104)

Changes in 1.618 (2015/06/29)

- Fix deadlock in hudson.model.Executor. (issue 28690)
- Don't truncate /consoleText output after fixed number of
  lines. (issue 14899)
- Allow delete-* CLI commands to operate on multiple arguments.
  (issue 28041)
- Prevent NullPointerException in Executor/causeOfDeath page if
  there is no exception details. (issue 25734)
- Fixed synchronization issue when setting JDK installations.
  (issue 28292)
- Fix several loggers which are identifying as the wrong class.
  (PR 1651)
- Revert fix for issue 17290 due to the regressions it caused.
  (issue 28601)
- Fix deadlock between hudson.model.Queue and
  hudson.model.Computer. (issue 28840)
- Fix jobs getting stuck in the Queue when there exists a cycle
  of upstream/downstream blocks between them. (issue 28926)
- Always use earlier start time when merging two equivalent
  queue items. (issue 2180)

Changes in 1.617 (2015/06/07)

- Regression in build-history causing ball to not open console
  (issue 28704)
- JNLP slaves did not pick up changes to environment variables.
  (issue 27739)
- NullPointerException in AbstractProject constructor if Jenkins
  nodes has not been loaded yet (issue 28654)

Changes in 1.616 (2015/05/31)

- Job loading can be broken by NullPointerException in a build
  trigger (issue 27549)

Changes in 1.615 (2015/05/25)

- Improper calculation of queue length in UnlabeledLoadStatistics
  causing overheads in Cloud slave provisioning (issue 28446)
- Category titles in Available Plugins list appear wrong in
  reverse sort order (issue 17290)
- CronTab API: Timezone support for scheduling (issue 9283)
- NullPointerException when trying to reset Jenkins admin
  address (issue 28419)
- Reduce the thread overhead in NodeMonitorUpdater (PR 1714)
- Build history overflows (issue 28425)
- Build History badges don't wrap (issue 28455)

Changes in 1.614 (2015/05/17)

- ExtensionList even listener. (issue 28434)
- NullPointerException computing load statistics under some
  conditions. (issue 28384)
- Plugins using class loader masking did not work properly over
  the slave channel. (issue 27289)
- DefaultJnlpSlaveReceiver now returns true when rejecting a
  takeover. (issue 27939)
- Do not follow href after sending POST via l:task (issue 28437)

Changes in 1.613 (2015/05/10)

- Update bundled LDAP plugin in order to restore missing help
  files (issue 28233)
- hudson.model.Run.getLog() throws IndexOutOfBoundsException
  when called with maxLines=0 (issue 27441)

Changes in 1.612 (2015/05/03)

- Jenkins now requires Java 7. (announcement, issue 28120)
- Handle AbortException publisher status in the same way as
  deprecated false boolean status (issue 26964)
- Ensures GlobalSettingsProvider does not swallow fatal
  exceptions (issue 26604)
- add datestamp to node-offline message (issue 23917)
- Larger minimum popup menu height. (issue 27067)
- Descriptor.getId fix in 1.610 introduced regressions affecting
  at least the Performance and NodeJS plugins. (issue 28093 and
  issue 28110)
- Under rare conditions Executor.getProgress() can throw a
  Division by zero exception. (issue 28115)
- The Run from the command line option for launching a JNLP
- slave should display the configured JVM options. (issue 28111)

Changes in 1.611 (2015/04/26)

- Descriptor.getId fix in 1.610 introduced a regression
  affecting at least the Copy Artifacts plugin. (issue 28011)
- Search box did not work well inside folders. (issue 24433)
- Revert changes in 1.610 made to resolve issue 10629. (issue
  28012, issue 28013)
- Advertise JNLP slave agents to the correct host name, even in
  the presence of a reverse proxy. (issue 27218)
- Advertised TCP slave agent port number is made tweakable.
- Correctly identify Channel listener onClose propagated
  exceptions (issue 28062)

Changes in 1.610 (2015/04/19)

- Since 1.598 overrides of Descriptor.getId were not correctly
  handled by form binding, breaking at least the CloudBees
  Templates plugin. (issue 26781)
- Reverted in 1.611, reimplemented in 1.627. Archiving of large
  artifacts. Tar implementation cannot handle files having a
  size >8GB. (issue 10629)
- The queue state was not updated between scheduling builds.
  (issue 27708, issue 27871)

Changes in 1.609 (2015/04/12)

- When concurrent builds are enabled, artifact retention policy
  may delete artifact being used by an actually running build.
  (issue 27836)
- Documentation for $BUILD_ID did not reflect current reality
  (issue 26520)

Changes in 1.608 (2015/04/05)

- PeepholePermalink RunListenerImpl oncompleted should be
  triggered before downstream builds are triggered. (issue 20989)
- NPE when /script used on offline slave. (issue 26751)
- Make periodic workspace cleanup configurable through system
  properties. (issue 21322)
- Do not offer to restart on /restart and /safeRestart if the
  configuration does not support it. (issue 27414)
- Polling was skipped while quieting down, resulting in ignored
  commit notifications. This behavior was changed. (issue 26208)
- Starting this version, native packages are produced from the
  new repository. File issues related to installers and packages
  in the packaging component.

Changes in 1.607 (2015/03/30)

- JSONP served with the wrong MIME type and rejected by Chrome.
  (issue 27607)
- Security file pattern whitelist was broken for some plugins
  since 1.597. (issue 27055)
- Lock an Executor without creating a Thread (issue 25938)
- Hide flyweight master executor when ćé heavyweight executors
  running as subtasks (issue 26900)
- Way to mark an Executable that should not block
  isReadyToRestart (issue 22941)
- Refactor the Queue and Nodes to use a consistent locking
  strategy (issue 27565) Note that this change involved moving
  slave definitions outside the main config.xml file. If you
  downgrade after this, your slave settings will be lost.
- Makes the Jenkins is loading screen not block on the
  extensions loading lock (issue 27563)
- AdjunctManager: exception upon startup (issue 15355)
- Removes race condition rendering the list of executors (issue 27564)
- Tidy up the locks that were causing deadlocks with the once
  retention strategy in durable tasks (issue 27476)
- Remove any requirement from Jenkins Core to lock on the Queue
  when rendering the Jenkins UI (issue 27566)
- Prevent lazy loading operation when obtaining label
  information. (issue 26391)
- Ensure that the LoadStatistics return a self-consistent
  result. (issue 21618)
- Build reports to be running for 45 yr and counting. (issue 26777)

Changes in 1.606 (2015/03/23)

- Jenkins CLI doesn't handle arguments with equal signs (issue 21160)
- master/slave communication ping reacts badly if a clock jumps.
  (issue 21251)
- JNLP slaves can now connect to master through HTTP proxy.
  (issue 6167)
- Fixes to several security vulnerabilities. (advisory)

Changes in 1.605 (2015/03/16)

- Integrate Stapler fix for queue item API always returning 404
  Not Found since 1.601. (issue 27256)

Changes in 1.604 (2015/03/15)

- Added a switch (-Dhudson.model.User.allowNonExistentUserToLogin=true)
  to let users login even when the record is not found in the
  backend security realm. (issue 22346)
- Avoid deadlock when using build-monitor-plugin. (issue 27183)
- As security hardening, mark "remember me" cookie as HTTP only
  (issue 27277)
- Show displayName in build remote API. (issue 26723)

Changes in 1.602 (2015/03/08)

- Show Check Now button also on Available and Updates tabs of
  plugin manager. (PR 1593)

Changes in 1.601 (2015/03/03)

- Regression with environment variables in 1.600. (issue 27188)
- Errors with concurrent matrix builds since 1.597. (issue 26739)
- Errors in Dashboard View plugin since 1.597. (issue 26690)
- Robustness improvement when setting up Archive Artifacts
  programmatically. (issue 25779)
- Map onto Run (issue 27096)

Changes in 1.600 (2015/02/28)

- Fixes to multiple security vulnerabilities.
- JDK auto-installer for Mac OSX
- An error thrown in the wrong place in a publisher could result
  in a failure to release a workspace lock. (issue 26698)
- Cache node environment to prevent unnecessary channel usage
  (issue 26755)
- Build history text field wrap fails when containing markup
  (issue 26406)
- Maven build step fail to launch mvn process when special chars
  are present in build variables. (issue 26684)

Changes in 1.599 (2015/02/16)

- Errors in some Maven builds since 1.598. (issue 26601)
- Build format change migrator in 1.597 did not work on some
  Windows systems. (issue 26519)
- Remote FilePath.chmod fails with ClassNotFoundException:
  javax.servlet.ServletException. (issue 26476)
- Added SimpleBuildWrapper API. (issue 24673)
- Animated ball in job's build history widget won't open Console
  Output. (issue 26365)
- Show job name in Schedule Build column tool tip. (issue 25234)
- Allow OldDataMonitor to discard promoted-build-plugin
  Promotions (issue 26718)

Changes in 1.598 (2015/01/25)

- FutureImpl does not cancel its start future. (issue 25514)
- Flyweight tasks were under some conditions actually being run
  on heavyweight executors. (issue 10944) (issue 24519)
- Folder loading broken when child item loading throws
  exception. (issue 22811)
- Plugin icon images were broken when running Jenkins from a UNC
  path. (issue 26203)
- Allow admin signup from /manage as well. (issue 26382)
- Amend JAVA_HOME check to work with JDK 9. (issue 25601)
- CLI list-jobs command should display raw name, not display
  name, where they differ. (issue 25338)
- Show queue item parameters in tool tip. (issue 22311)
- Better support functional tests from Gradle-based plugins.
  (issue 26331)
- Allow users to delete builds even if they are supposed to be
  kept. (issue 26281)
- Fixed side/main panel scrolling issues. (issue 26312, issue
  26298, issue 26306)
- Improve error reporting when channel closed during build.
  (issue 26411)
- Fixed CodeMirror issue with height and re-enabled syntax
  highlighting in shell build step. (issue 25455, issue 23151)

Changes in 1.597 (2015/01/19)

- JENKINS_HOME layout change: builds are now keyed by build
  numbers and not timestamps. See Wiki for details and
  downgrade. (issue 24380)
- Do not throw exception on /signup when not possible. (issue 11172)
- Tool installer which downloads and unpacks archives should not
  fail the build if the tool already exists and the server returns
  an error code. (issue 26196)
- Fingerprint compaction aggravated lazy-loading performance
  issues. (issue 19392)
- Possible unreleased workspace lock if SCM polling fails during
  setup. (issue 26201)
- Misleading description of the 'workspace' permission. (issue 20148)
- Run parameters should show display name if set, rather than
  build numbers. (issue 25174)
- Add range check for H(X-Y) syntax. (issue 25897)

Changes in 1.596 (2015/01/04)

- Build page was broken in Hungarian localization while
  building. (issue 26155)
- Allow breaking label and node lists. (issue 25989)

Changes in 1.595 (2014/12/21)

- Spurious warnings in the log after deleting builds. (issue 25788)
- Master labels disappear when system configuration is updated.
  (issue 23966)
- Updated icon-set dependency to version 1.0.5. (issue 25499,
  issue 25498)

Changes in 1.594 (2014/12/14)

- After recent Java security updates, Jenkins would not
  gracefully recover from a deleted secrets/master.key.
  (issue 25937)
- Restrict where this project can be run regressed in 1.589 when
  using the ClearCase plugin. (issue 25533)

Changes in 1.593 (2014/12/07)

- Dynamic Single/Multi line Build History layout. (issue 25381,
  issue 25393, issue 24687, issue 24589)

Changes in 1.592 (2014/11/30)

- Performance problems on large workspaces associated with
  validating file include patterns. (issue 25759)

Changes in 1.591 (2014/11/25)

- Always use forward slashes in path separators during in ZIP
  archives generated by Directory Browser (issue 22514)

Changes in 1.590 (2014/11/16)

- Basic Authentication in combination with Session is broken
  (issue 25144)
- Some plugins broken since 1.584 if they expected certain
  events to be fired under a specific user ID. (issue 25400)
- Fixed various real or potential resource leaks discovered by
  Coverity Scan (pull request 1434)
- API changes: Expose
  for plugins. (pull request 1456)
- API method to aggregate multiple FormValidations into one.
  (pull request 1458)
- API method to get non-null Jenkins instance with internal
  validation (issue 23339)

Changes in 1.589 (2014/11/09)

- JNA error in WindowsInstallerLink.doDoInstall. (issue 25358)
- Restore compatibility of label assignment for some plugins.
  (issue 25372)

Changes in 1.588 (2014/11/02)

- Unnecessarily slow startup time with a massive number of jobs.
  (issue 25473)
- Custom workspace option did not work under some conditions.
  (issue 25221)

Changes in 1.587 (2014/10/29)

- Queue didn't always leave a trail for cancelled items properly
  (issue 25314)
- JNA update for deprecated JNA-POSIX library. (issue 24527)
- Introduced slave-to-master security mechanism to defend a
  master from slaves. (SECURITY-144)

Changes in 1.586 (2014/10/26)

- Bumping up JNA to 4.10. This is potentially a breaking change
  for plugins that depend on JNA 3.x (issue 24521)
- Prevent empty file creation if file parameter is left empty.
  (issue 3539)
- Servlet containers may refuse to let us set secure cookie
  flag. Deal with it gracefully. (issue 25019)
- Existing FileParameters should be handled as different values
  to avoid merging of queued builds (issue 19017)

Changes in 1.585 (2014/10/19)

- Build health computed repeatedly for a single Weather column
  cell. (issue 25074)
- Missing workspace page should use 404 status code. (issue 10450)
- Fixed memory leak occurring on pages producing incremental
  output with a progress bar. (issue 25081)
- Updated SSH Slaves plugin to 1.8.
- Due to the reaction, default umask in debian package is set
  back to 022 (issue 25065)
- Greater-than characters are not escaped in HTML outputs like
  e-mails (issue 16184)
- Thread starvation from OldDataMonitor. (issue 24763)
- Integer overflow in quiet-down timeout calculation (issue 24914)
- Don't put session IDs in URLs even when cookies are disabled.
  (issue 22358)
- Show keep build log reason in tool tips (pull request 1422)
- Do not disable projects, which do not support such operation
  (like Matrix configurations) (issue 24340)
- Improved the scalability of SSH slaves plugin caused by global
  lock in SecureRandom (issue 20108)
- Incorporated a fix for "Poodle" (CVE-2014-3566) vulnerability
  in the HTTPS connector of "java -jar jenkins.war" (issue 25169)

Changes in 1.584 (2014/10/12)

- Diagnostic thread names are now available while requests are
  still in filters
- When killing Windows processes, check its critical flag to
  avoid BSoD (issue 24453)
- When a user could not see a view, but could delete/move/rename
  jobs contained in it, the view was not properly updated.
  (issue 22769)
- Use POST for cancel quiet down link. (issue 23020, issue 23942)
- Do not consider port in use error to be a successful start of
  Jenkins on Debian. (issue 24966)

Changes in 1.583 (2014/10/01)

- Fixes to multiple security vulnerabilities:
  SECURITY-87/CVE-2014-3661 (anonymous DoS attack through CLI handshake)
  SECURITY-110/CVE-2014-3662 (User name discovery)
  SECURITY-127&128/CVE-2014-3663 (privilege escalation in job configuration permission)
  SECURITY-131/CVE-2014-3664 (directory traversal attack)
  SECURITY-138/CVE-2014-3680 (Password exposure in DOM)
  SECURITY-143/CVE-2014-3681 (XSS vulnerability in Jenkins core)
  SECURITY-150/CVE-2014-3666 (remote code execution from CLI)
  SECURITY-155/CVE-2014-3667 (exposure of plugin code)
  SECURITY-159/CVE-2013-2186 (arbitrary file system write)
  SECURITY-149/CVE-2014-1869 (XSS vulnerabilities in ZeroClipboard)
  SECURITY-113/CVE-2014-3678 (XSS vulnerabilities in monitoring plugin)
  SECURITY-113/CVE-2014-3679 (hole in access control)

Changes in 1.582 (2014/09/28)

- Channel reader thread can end up consuming 100% CPU. (issue 23471)
- CancelledKeyException can cause all JNLP slaves to disconnect
  (and the problem remains until restart). (issue 24050)
- Consider dynamic label assignments for label load statistics.
  (issue 15576)
- Use Windows line endings for batch file build steps. (issue 7478)
- Reduced the logging clutter about the lack of @ExportedBean.
  (issue 24458)
- Character encoding problem in form submission when file
  parameters are present. (issue 11543)
- Improved error handling and "in-progress" UI feedback in JNLP
  slave to service installation.
- Winstone 2.4: reverse proxy support in the logging, request
  header size limit control, and different private key password
  from keystore password. (issue 23665)
- umask setting on Debian did not work. (pull 1397)
- handle job move when buildDir is configured to a custom
  location. (issue 24825)

Changes in 1.581 (2014/09/21)

- Use slightly larger Jenkins head icon. (pull 1360)
- Allow setting a system property to disable X-Frame-Options
  header. (issue 21881)
- Explicitly set background color of various UI elements to
  white. (issue 24625)
- Wrong Hebrew localization resulted in broken console output
  since 1.539. (issue 24614)

Changes in 1.580 (2014/09/14)

- Health reports saved to disk before 1.576 showed no weather
  icon since that version. (issue 24407)
- Renaming jobs fails if parent dir of custom build records
  directory does not exist. (issue 19764)
- Add editable descriptions for label atoms. (issue 6153)

Changes in 1.579 (2014/09/06)

- ConcurrentModificationException in
  RunListProgressiveRendering. (issue 21437)
- StackOverflowError for some old SCMListeners. (issue 23522)
- Job status page shows "Build has been executing for null on
  master" for flyweight tasks. (issue 20307)
- File locking issue when running functional tests on Windows.
  (issue 21977)
- Tolerate ?auto_refresh in reverse proxy check on /manage page.
  (issue 24014)
- Debian package now sets umask to 027 by default for better
  default privacy. See /etc/default/jenkins to change this.
  (issue 24514)

Changes in 1.578 (2014/08/31)

- Added 'no-store' to the 'Cache-Control' header to avoid
  accidental information leak through local cache backup
  (issue 24337)
- Deadlock in OldDataMonitor. (issue 24358)
- Use absolute links for computer sidepanel items so they don't
  break as easily. (issue 23963)

Changes in 1.577 (2014/08/24)

- Failure to migrate legacy user records in 1.576 properly broke
  Jenkins, resulted in NullPointerExceptions. (issue 24317)
- Jenkins did not correctly display icons contributed by plugins
  in 1.576. (issue 24316)
- Moved JUnit reporting functionality to a plugin. (issue 23263)
- Fixed ClassCastException on org.dom4j.DocumentFactory (issue 13709)
- Jenkins now logs warnings when it fails to export objects to
  XML/JSON. This can result in a lot of log output in case of
  heavy API use. We recommend that API users use the ?tree
  parameter instead of ?depth.
- Allow BuildStep to work with non-AbstractProject (issue 23713)
- Improved class loading performance when using Groovy. (issue 24309)
- Prevent NullPointerException from (issue 24110)
- Make the lifetime of queue items cache configurable. (issue 19691)
- Support --username/--password authentication for CLIMethod
  based CLI commands. (issue 23988)
- Don't link to /safeRestart after update if Jenkins cannot
  restart itself. (issue 24032)
- Properly consider busy executors when reducing a node's
  executor count. (issue 24095)

Changes in 1.576 (2014/08/18)

- Worked around "incompatible InnerClasses attribute" bug in IBM
  J9 VM (issue 22525)
- Fixed a file descriptor leak with CLI connections. (issue 23248)
- Fixed a regression that removed all users with uppercase
  letters in the user name since 1.566. (issue 23872)
- Improving security of set-build-parameter and set-build-result
  CLI commands. (issue 24080)
- Startup can be broken by deeply recursive causes in build
  records. (issue 24161)
- Displaying unabridged test result trend on project index page
  defeated lazy loading. (issue 23945)
- Added support for host:port format in X-Forwarded-Host header.
  (commit 19d8b80)
- API to launch processes without printing the command line.
  (issue 23027)
- Added option to increase impact of test failures on the
  weather report. (issue 24006)
- Modernized sidebar <l:pane>s and making them work better with
  new layout. (issue 23810, issue 23829)
- Add option to CLI to skip key authentication (e.g. when
  there's a password on the default key). (issue 23970)
- Modernize tabBar and bigtable. Makes the project view look
  better. Same for Plugin Manager. (issue 24030)

Changes in 1.575 (2014/08/10)

- Move option to fingerprint artifacts to Archive the Artifacts,
  Advanced options. (commit f43a450)
- Move option to keep dependencies (builds) from Fingerprint to
  Advanced Project Options. (commit a8756c6)
- Improved validation of Build Record Root Directory setting.
  (issue 14538)
- Indicate which node the workspace being viewed is on.
  (issue 23636)
- Show full project name for projects in folders. (issue 22971)
- UI redesign: Shrink the top bar, change logo, changed links in
  top bar.
- Killing processes started by builds on Unix was broken as of
  1.553. (issue 22641)
- Should not stop a build from finishing just to compute JUnit
  result difference to a prior build which is still running.
  (issue 10234)
- Do not show link to System Information page for offline
  slaves, make page more robust when offline. (issue 23041)
- Fix link to SCM polling log from downstream job cause.
  (issue 18048)
- Autocomplete logger names. (issue 23994)
- UI redesign: Fix links in header bar when logged in.
- Do not show changes for the build at the lower bound of the
  changes list. (issue 18902)
- Restrict access to SCM trigger status page to administrators.
  (pull 1282)

Changes in 1.574 (2014/07/27)

- UI redesign: Use Helvetica as default font (issue 23840)
- Synchronization issue during tool installation (issue 17667)
- Use native encoding for filenames in downloaded ZIPs. (issue 20663)

Changes in 1.573 (2014/07/20)

- UI redesign: Changed element alignment, removed sidebar link
  underlines (pull 1314, pull 1316)
- Word-break links in build logs to preserve page width (pull 1308)
- Log rotation fails with "...looks to have already been
  deleted" (issue 22395)
- Fixed unnecessary eager loading of build records in certain
  code path. (issue 18065)

Changes in 1.572 (2014/07/13)

- UI redesign: Changed header, made layout <div>-based and
  responsive (pull 1310)
- Improved handling of X-Forwarded-* headers (issue 23294)
- Do not offer automatic upgrade if war parent directory is not
  writable (issue 23683)

Changes in 1.571 (2014/07/07)

- IllegalArgumentException from AbstractProject.getEnvironment
  when trying to get environment variables from an offline
  slave. (issue 23517)
- Overall.READ is sufficient to access
  /administrativeMonitor/hudsonHomeIsFull/ (SECURITY-134)
- Master computer is not notified using ComputerListener (issue 23481)

Changes in 1.570 (2014/06/29)

- Add CLI commands to add jobs to and remove jobs from views
  (add-job-to-view, remove-job-from-view). (issue 23361)
- UI improvements / refreshing. (issue 23492)
- Failed to correctly resave a project configuration containing
  both a forward and a reverse build trigger. (issue 23191)
- Long log output resulted in missing Console link in popup.
  (issue 14264)
- HTTP error 405 when trying to restart ssh host. (issue 23094)
- Move 'None' Source Code Management option to top position.
  (issue 23434)
- Fixed NullPointerException when ArctifactArchiver is called
  for a build with the undefined status. (issue 23526)
- Allow disabling use of default exclude patterns in
  ArctifactArchiver (.git, .svn, etc.). (issue 20086)
- Fixed NullPointerException when "properties" element is
  missing in a job's configuration submission by JSON (issue 23437)

Changes in 1.569 (2014/06/23)

- Jenkins can now kill Win32 processes from Win64 JVMs. (issue 23410)
- Allow custom security realm plugins to fire events to
  SecurityListeners. (issue 23417)
- Recover gracefully if a build permalink has a non-numeric
  value. (issue 21631)
- Fix form submission via the Enter key for Internet Explorer
  version 9. (issue 22373)
- When Jenkins had a lot of jobs, submitting a view
  configuration change could overload the web server, even if
  few of the jobs were selected. (issue 20327)

Changes in 1.568 (2014/06/15)

- Fixed JNLP connection handling problem (issue 22932)
- Fixed NullPointerException caused by the uninitialized
  ProcessStarter environment in build wrappers (issue 20559)
- Support the range notation for pagination in API (issue 23228)
- Incorrect redirect after deleting a folder. (issue 23375)
- Incorrect links from Build History page inside a folder.
  (issue 19310)
- API changes allowing new job types to use SCM plugins. (issue 23365)
- API changes allowing to create nested launchers (DecoratedLauncher)
  (issue 19454)

Changes in 1.567 (2014/06/09)

- Fixed a reference counting bug in the remoting layer.
- Avoid repeatedly reading symlinks from disk to resolve build
  permalinks. (issue 22822)
- Show custom build display name in executors widget. (issue 10477)
- CodeMirror support for shell steps broke initial configuration.
  (issue 23151)
- Jenkins on Linux can not restart after plugin update when
  started without full path to java executable (issue 22818)
- Fixed NullPointerException when a build triggering returns
  null cause (issue 20499)
- Fixed NullPointerException on plugin installations when
  invalid update center is set (issue 20031)
- Use DISABLED_ANIME icon while building a disabled project
  (issue 8358)
- Process the items hierarchy when displaying the Show Poll
  Thread Count option (issue 22934)
- Compressed output was turned on even before Access Denied
  errors were shown for disallowed Remote API requests, yielding
  a confusing error. (issue 17374) (issue 18116)
- Properly close input streams in FileParameterValue (issue 22693)
- Incorrect failure age in the JUnit test results (issue 18626)
- Fixed deletion links for JVM Crash error logs (issue 22617)
- Distinguish "nodes for label offline" from "no nodes for label"
  (issue 17114)
- Add causes to queue item tool tip (issue 19250)
  JENKINS_HTTPS_KEYSTORE_PASSWORD options to Jenkins sysconfig
  file (issue 11673)
- RPM: Do not install jenkins.repo file (issue 22690)
- Don't advertise POSTing config.xml on master (issue 16264)
- Handle null parameter values to avoid massive executor deaths
  (issue 15094)
- Added an option to archive artifacts only when the build is
  successful (issue 22699)

Changes in 1.566 (2014/06/01)

- Configurable case sensitivity mode for user IDs. (issue 22247)
- Extension point for project naming strategies did not work
  from actual plugins. (issue 23127)
- Introduce directly modifiable views (issue 22967)
- Jenkins cannot restart Windows service (issue 22685)

Revision 1.16 / (download) - annotate - [select for diffs], Tue Nov 3 03:27:36 2015 UTC (3 years, 2 months ago) by agc
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.15 / (download) - annotate - [select for diffs], Sat Oct 25 15:04:06 2014 UTC (4 years, 2 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.14: +4 -4 lines
Diff to previous 1.14 (colored)

Update to 1.565.3 from 1.532.1

What's new in 1.565.3 (2014/10/01)

    Plugin code can be downloaded by anyone with Overall/Read (SECURITY-155)
    Stored passwords can be read out from build with parameters page (SECURITY-138)
    Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2 as included with Jenkins (SECURITY-149)
    Unauthenticated users can make Jenkins behind Apache unresponsive (SECURITY-87)
    Users with limited Job/Configure can replace other jobs they have no access to (if they know the name) (SECURITY-128)
    CLI calls are causing file descriptor leaks. (issue 23248)
    Users with limited Job/Configure can change the kind of job via CLI, getting access to denied job types (SECURITY-127)
    Test result trend breaks lazy-loading (issue 23945)
    Unable to kill a job which is running (issue 17667)
    XSS weakness in load-statistics (SECURITY-143)
    Job is removed from ListView after rename (issue 23893)
    set-build-result and set-build-parameter do insufficient checks (issue 24080)
    Missing no-sniff header (SECURITY-122)
    Directory traversal (SECURITY-131)
    "incompatible InnerClasses attribute" error in IBM J9 VM (issue 22525)
    Arbitrary file system write via DiskFileItem deserialization (SECURITY-159)
    Missing SecureFlag cookie (SECURITY-120)
    Prevent (private security realm) usernames from being guessed (SECURITY-79 redux!) (SECURITY-110)
    Deadlock in OldDataMonitor (issue 24358)
    RemoteInvocationHandler.RPCRequest allows invoking any method on an exported object event those not exposed by the exported interface (SECURITY-150)

What's new in 1.565.2 (2014/09/03)

    Jenkins needs to check whether the war's directory is writeable before offering to upgrade (issue 23683)
    AbstractLazyLoadRunMap.iterator() calls .all() (issue 18065)
    Jenkins no longer kills running processes after job fails (issue 22641)
    HTTP error 405 when trying to restart ssh host (issue 23094)
    Run.delete (from LogRotator) failing with "...looks to have already been deleted" (issue 22395)
    file name encoding broken in zip archives (issue 20663)
    Kill win32 processes from win64 JVMs (issue 23410)

What's new in 1.565.1 (2014/07/30)

    Queue.maintain does disk I/O via PeepholePermalink.resolve (issue 22822)
    קorm too largećąerrors submitting view configurations with many jobs (issue 20327)
    NPE on plugin install (issue 20031)
    Link to the console output missing in popup when log >200Kb (issue 14264)
    Parameters: NPE in canTake() procedures may kill all executors (issue 15094)
    NPE from AbstractBuild$ (issue 23277)
    broken ProjectNamingStrategy Extension (issue 23127)
    Move DecoratedLauncher from the custom-tools plugin to the Jenkins Core (issue 19454)
    hudson.Launcher:ProcStarter::envs() may throw NPE (issue 20559)
    Resource leak in hudson.model.FileParameterValue (issue 22693)
    ReverseBuildTrigger.threshold not consistently saved (issue 23191)
    AccessRestriction on SecurityListener methods (issue 23417)
    After deleting folder, get 404 (issue 23375)
    email-ext plugin doesn't handle tokens when slave has gone offline: IAE from AbstractProject.getEnvironment (issue 23517)
    Jenkins cannot restart Windows service (issue 22685)
    Rules for showing/hiding SCMTrigger.pollingThreadCount option are broken (issue 22934)

What's new in 1.554.3 (2014/06/30)

    Queue.maintain does disk I/O via PeepholePermalink.resolve (issue 22822)
    Non-recursive ListViews unnecessarily call owner.getAllItems in getItems (issue 22720)
    SSH slave connections die after the slave outputs 4MB of stderr, usually during findbugs analysis (issue 22938)
    Jenkins cannot restart Windows service (issue 22685)

What's new in 1.554.2 (2014/05/30)

    Don't ask for confirmation when it doesn't make any sense (issue 21720)
    On a configure screen that has multiple groups of radio buttons, clicking the apply button clears all but the last radio group selection (issue 22570)
    Optimize creation of relative links to jobs (issue 18364)
    Jenkins asks for confirmation before leaving edited 'View Configuration' page (issue 20597)
    OutOfOrderBuildMonitor fails to correct builds with duplicate number (issue 22631)
    Computer does not exist returns NPE (issue 21999)
    Last build of project reloaded when project asked for later build (issue 22681)
    After clicking 'Apply' at least once, 'Save' opens a new window (issue 20245)
    hetero-radio should work with multiple instances of the same ui (issue 22583)
    Cannot submit configuration after removing groovy step (issue 22582)
    No autocompletion and NullPointerException when using 'Copy Existing Job' (issue 22142)

What's new in 1.554.1 (2014/04/30)

    NPE if trying to install a plugin from the update center and either the update source or the plugin contains a '.' in its name (issue 22080)
    Download update center from master by default (issue 19081)
    OutOfMemory due to unbounded storage in OldDataMonitor (issue 19544)
    Very slow resource loading from UberClassLoader (issue 21579)
    Jetty exploding war to /tmp is a bad idea (issue 22442)
    Performance issue with search box (issue 21969)
    ArrayIndexOutOfBoundsException during Jenkins.doConfigSubmit; need XStream 1.4.6 (issue 18537)
    NullPointerException when trying to mark slave temporarily offline (issue 21875)
    Build queue is not filtered after progress updated (issue 20500)
    copy-job permission checks wrong (issue 22262)

What's new in 1.532.3 (2014/04/11)

    Replace description in error dialog instead of appending (issue 21457)
    NPE from xstream.core.JVM.isOpenJDK (issue 21183)
    WorkspaceCleanupThread does not handle folders (issue 21023)
    Copy Artifact's fingerprinting creates second hudson.tasks.Fingerprinter_-FingerprintAction section with just the artifacts copied (issue 17606)
    /login offers link to /opensearch.xml which anonymous users cannot retrieve (issue 21254)
    Miscellaneous exceptions in config.xml can prevent entire job from loading (issue 21024)
    Jobs named "." can be created, but not built, configured, accessed, ... (issue 21639)
    DirectoryBrowserSupport.buildChildPaths does quadratic number of calls to check whether entries are directories (issue 21780)
    ZIP file download generates corrupt zip file (issue 20345)
    Update credentials plugin to 1.9.4 (issue 21820)
    Apply button does not work in IE Compat View (issue 19826)
    Deadlock while parallel deletion/rename of jobs (issue 19446)

What's new in 1.532.2 (2014/02/14)

    CannotResolveClassException breaks loading of entire containing folder, not just one job (issue 20951)
    Default markup formatter permits offsite-bound forms (SECURITY-88)
    Using jenkins-cli connecting to HTTPS port fails due to hostname mismatch in certificate (issue 12629)
    ApiTokenFilter does not check that the user actually exists (SECURITY-89)
    HTTP two-way remoting does not work (jenkins-cli.jar without JNLP) (issue 20128)
    Slave launcher fails after NoClassDefFoundError: Could not initialize class jenkins.model.Jenkins$MasterComputer (issue 19453)
    StreamCorruptedException (issue 8856)
    UI Redressing/ClickJacking (SECURITY-80)
    Fail to run 'groovysh' in CLI due to insufficient permission (issue 17929)
    Loading projects too slow because of File.isDirectory calls (issue 21078)
    HTML metacharacters not escaped in log messages (issue 20800)
    Channel's executorService's pool should have a name (issue 19004)
    ListView.expand throws ClassCastException: ćącannot be cast to hudson.model.TopLevelItem (issue 20415)
    Stored XSS (SECURITY-74)
    Session Fixation (SECURITY-75)
    /heapDump offered to anyone with ADMINISTER (SECURITY-73)
    Username Guessing/Enumeration (SECURITY-79)
    RingBufferLogHandler throws ArrayIndexOutOfBoundsException after int-overflow (issue 9120)
    Iframe Injection (SECURITY-76)
    Reflected XSS in Cookie (SECURITY-77)
    l:breakable mishandles HTML metacharacters (issue 20928)
    Start JNLP slave ignores jar-cache flag (issue 20093)
    Stored passwords can be read out from UIs with password fields (SECURITY-93)
    Too many open files upon HTTP listener init or shutdown (issue 14336)
    Extension point for secure users of Api (issue 16936)
    'Apply' error screens don't work (issue 20772)
    Workspaces seem to be removed prematurely on concurrent jobs (issue 10615)
    Job creators are able to edit or destroy the system configuration via the CLI (SECURITY-108)
    Disable\Delete "Remember me on this computer" check box in login screen (issue 15757)
    SECURITY-55 fails if downstream project not visible (SECURITY-109)
    Builds disappear some time after renaming job (issue 18678)
    Use RunAction2 from TestResultAction (issue 18410)
    java.lang.NoClassDefFoundError: sun/net/www/protocol/jar/JarURLConnection (issue 20163)
    Remote code execution via xstream deserialization in XML API (SECURITY-105)
    Jenkins on winstone vulnerable to session hijacking (SECURITY-106)
    Jenkins allows anonymous access if the Authorization Strategy can't be loaded (SECURITY-107)
    you cannot use the cli without giving Overall read to Anonymous (issue 8815)

Revision 1.14 / (download) - annotate - [select for diffs], Fri Jan 24 18:42:49 2014 UTC (4 years, 11 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.13: +4 -4 lines
Diff to previous 1.13 (colored)

Update to 1.532.1

What's new in 1.532.1 (2013/11/25)

    Collecting findbugs analysis results occasionally causes ssh slave to go offline causing job to abort (issue 19619)
    Bytecode compatibility transformer mistakenly corrupts org.apache.ivy.core.settings.IvySettings.triggers (issue 19383)
    Functions.globalIota overflow (issue 20085)
    Upgrade bundled versions of credentials, ssh-credentials and ssh-slaves plugins (issue 19945)
    /me/my-views/editDescription may be used by any user to set global description (issue 18633)
    Missing base directory in ZIP from .../artifact/dir/subdir/*zip*/ (issue 19947)
    After deleting last build, next build of last build is zombie (issue 19920)
    Upgrade error to 1.531: PROXY_HEADER is null (issue 19613)
    Upgrade bundled versions of credentials and ssh-slaves so we can assume available (issue 20071)
    Collecting finbugs analysis results randomly fails with exception (issue 18879)
    ViewJobFilter.filter expect "All jobs that are possible." but don't get recursive ones (issue 20143)
    Download build artifacts as zip generates a corrupted file (issue 19752)
    Jenkins redirecting from https to http (issue 10675) Unexpected termination of the channel (issue 18836)
    When installing a plugin and the needed dependencies have compatibility issues, warn the user (issue 19739)
    Installing a plugin with optional dependencies doesn't upgrade the optional dependencies when needed (issue 19736)
    After upgrade from 1.519 to 1.526 -> NumberFormatException occurs during maven 3 build (issue 19251)

What's new in 1.509.4 (2013/10/09)

    Configurable loggers should capture messages on slaves (issue 18274)
    @RequirePOST and similar should send a 405 (issue 16918)
    Using jenkins-cli connecting to HTTPS port fails due to hostname mismatch in certificate (issue 12629)
    [XStream] ConcurrentModificationException from DefaultConverterLookup (issue 18775)
    @QueryParameter with @RelativePath broken (issue 18776)
    fingerprint are truncated (issue 19515)
    Environment variable replacement/resolving (issue 16660)
    failed to archive slave artifacts. Unexpected end of ZLIB input stream (issue 19473)
    winstone.ClientSocketException: Failed to write to client (issue 10524)
    /log/all polluted with FINE* messages from other loggers (issue 18959)
    Incorrect redirect after editing view with Unicode name (issue 18373)
    Flyweight jobs and zero executors (issue 7291)
    ERR_CONTENT_DECODING_FAILED on Custom Views with Project-based Matrix Authorization (issue 15437)
    Buttons do not work in IE 11 (issue 19171)
    CLI login command fails on Windows (issue 19192)
    Problems with "Latest Test Result" and "Aggregated Test Result" links (issue 9637)
    Exception while trigger downstream projects (issue 17247)
    Maven 2 jobs fail (exception in MavenFingerprinter) (issue 18441)
    Outdated JRuby libs (issue 14351)
    Deadlock (issue 18589)
    When copying folder, display names of contained jobs are gratuitously cleared (issue 18074)
    Incorrect redirection after delete of job in folder in view (issue 17575)
    Javadoc project action yields HTTP 404 (issue 19168)
    Memory exhaustion parsing large test stdio from Surefire (issue 15382)
    With lazy-build loading estimated build duration may become expensive (issue 18196)
    Can't build using maven 3.1.0 (issue 15935)
    Cannot create a custom logger matching any namespace (issue 17983)
    Clean up fingerprint records that correspond to the deleted build recods (issue 18417)
    "projects tied to slave" shows unrelated maven module jobs (issue 17451) anonymous is missing the Administer permission (issue 15578)
    Ł®y Views" links leads to 404 Not Found (issue 17317)
    Some jobs not loaded after jenkins restart: java.lang.NoSuchFieldError: triggers (issue 18677)
    New lazy loading permalinks can break job.lastStableBuild != null => job.lastSuccessfulBuild != null (issue 18846)

Revision 1.13 / (download) - annotate - [select for diffs], Sat Sep 28 23:19:43 2013 UTC (5 years, 3 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.12: +4 -4 lines
Diff to previous 1.12 (colored)

Update to 1.509.3

What's new in 1.509.3 (2013/09/09)

    Standalone install does not work with Apache + mod_proxy_ajp + SSL (issue 5753)
    Reload configuration from disk no longer works after upgrade to Jenkins 1.512. (issue 17977)
    Build Now link on MultiJob page doesn't work (issue 16974)
    Add descriptions for custom tools (issue 18771)
    Lazy loading causes massive delays after a period of inactivity when loading dashboard (issue 16023)
    NPE running matrix job (issue 18024)
    LastSuccessful and LastStable symlinks are invalid under Windows (issue 17681)
    IllegalStateException from MavenProject.getParent can break MavenFingerprinter.recordParents (issue 17775)
    NPE (isEmpty) from main.groovy (issue 15309)
    DependencyClassLoader#getTransitiveDependencies returns disabled plugins (issue 18654)
    parameter description don't use MarkupFormatter (issue 18427)
    Incompatible signature change in 1.489: AbstractProject.doBuild (issue 18356)
    Display Name is not shown (issue 17715)
    Fingerprint throws exceptions on 1.518 (issue 18337)
    FingerprintAction deserialization leads to NPE (issue 17125)
    update view via REST API doesn't work (issue 17302)
    MavenModuleSetBuild.getResult is expensive (issue 18895)
    Builds disappear from jobs - hudson.util.IOException2: Invalid directory name - java.text.ParseException: Unparseable date: "39" (issue 15587)
    Outdated JRuby libs (issue 14351)
    Fingerprint performance (issue 16301)
    10,000+ jobs tied to a label make Node index page unusably unresponsive (issue 18660)
    "Delete Project" link fails with 403 Exception: No valid crumb was included in the request (issue 18032)
    Manually uploaded plugins are incorrectly unpacked (issue 4543)
    Decorated Launcher Does Not Maintain "isUnix" for RemoteLauncher (issue 18368)
    Test harness packs copies of Maven into plugin archive (issue 18918)
    All Maven 2 builds fail with java.lang.NoSuchMethodError DigestUtils.md5Hex (issue 18178)

Revision 1.12 / (download) - annotate - [select for diffs], Sat Jul 6 09:52:29 2013 UTC (5 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.11: +4 -4 lines
Diff to previous 1.11 (colored)

Update to 1.509.2

What's new in 1.509.2 (2013/06/27)

    Quoting Issue with JDK Installer with Windows Slave (issue 5408)
    /about no longer shows third-party licenses (issue 17724)
    Failed to instantiate class hudson.plugins.copyartifact.CopyArtifact (issue 17402)
    ArrayIndexOutOfBoundsException from (issue 15652)
    Dashboard web pages don't render correctly in Chrome because of bad cache/session (issue 17684)
    NPE from MatrixConfiguration.newBuild (issue 17728)

Revision 1.11 / (download) - annotate - [select for diffs], Thu May 9 15:16:55 2013 UTC (5 years, 8 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored)

Update to 1.509.1

What's new in 1.509.1 (2013/05/01)

    FilePath.installIfNecessaryFrom routes download over remoting channel (issue 17330)
    Add 'Are you sure' on Reload configuration from disk (issue 15340)
    MavenAbstractArtifactRecord.doRedeploy should require POST (SECURITY-69)
    Hover-over "Build Now" broken for parameterized jobs: "This page expects a form submission" (issue 17110)
    XSS issue, where an internal attacker can cause a remote stylesheet to be loaded and containing scripts executed. (SECURITY-67)
    CVE-2013-1808 stapler-adjunct-zeroclipboard: XSS via copying XSS payload into buffer (SECURITY-71)
    Jenkins.doEval checks ADMINISTER rather than RUN_SCRIPTS; doScript CSRF (SECURITY-63)
    Jenkins is no more WinXP compliant : CreateSymbolicLinkW is not available (issue 17343)

Revision / (download) - annotate - [select for diffs], Thu Feb 21 19:53:28 2013 UTC (5 years, 10 months ago) by tron
Branch: pkgsrc-2012Q4
Changes since +3 -3 lines
Diff to previous (colored) to branchpoint 1.8 (colored) next main 1.9 (colored)

Pullup ticket #4075 - requested by ryoon
devel/jenkins: security update

Revisions pulled up:
- devel/jenkins/Makefile                                        1.12
- devel/jenkins/PLIST                                           1.9
- devel/jenkins/distinfo                                        1.10

   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Tue Feb 19 18:21:41 UTC 2013

   Modified Files:
   	pkgsrc/devel/jenkins: Makefile PLIST distinfo

   Log Message:
   Update to 1.480.3

   * Fix

   What's new in 1.480.3 (2013/02/15)

       "Remember me on this computer" does not work, cookie is not accepted in new session (issue 16278)
       Slow/hung web UI in 1.483+ (stuck in parseURI) (issue 16474)
       Failure to delete old config files during rekeying on Windows (issue 16319)
       NoClassDefFoundError on Base64 when launching an headless slave with -jnlpCredential option (issue 9679)
       Loading asynchPeople calls (synch) People constructor (issue 16397)
       Jenkins briefly displays build queue and then it disappears until the page is reloaded (issue 15335)
       View.hasPeople too slow to use in sidepanel.jelly (issue 16244)
       XSS (SECURITY-46)
       File parameter causing data lost after Jenkins restart (issue 13536)

Revision 1.10 / (download) - annotate - [select for diffs], Tue Feb 19 18:21:41 2013 UTC (5 years, 10 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.9: +4 -4 lines
Diff to previous 1.9 (colored)

Update to 1.480.3

* Fix

What's new in 1.480.3 (2013/02/15)

    "Remember me on this computer" does not work, cookie is not accepted in new session (issue 16278)
    Slow/hung web UI in 1.483+ (stuck in parseURI) (issue 16474)
    Failure to delete old config files during rekeying on Windows (issue 16319)
    NoClassDefFoundError on Base64 when launching an headless slave with -jnlpCredential option (issue 9679)
    Loading asynchPeople calls (synch) People constructor (issue 16397)
    Jenkins briefly displays build queue and then it disappears until the page is reloaded (issue 15335)
    View.hasPeople too slow to use in sidepanel.jelly (issue 16244)
    File parameter causing data lost after Jenkins restart (issue 13536)

Revision / (download) - annotate - [select for diffs], Sat Jan 12 21:25:56 2013 UTC (6 years ago) by tron
Branch: pkgsrc-2012Q4
Changes since 1.8: +4 -4 lines
Diff to previous 1.8 (colored)

Pullup ticket #4009 - requested by ryoon
devel/jenkins: security update

Revisions pulled up:
- devel/jenkins/Makefile                                        1.11
- devel/jenkins/distinfo                                        1.9

   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Sat Jan 12 11:16:26 UTC 2013

   Modified Files:
   	pkgsrc/devel/jenkins: Makefile distinfo

   Log Message:
   Update to 1.480.2

   Fix .

   What's new in 1.480.2 (2013/01/06)
       The master key that was protecting all the sensitive data in $JENKINS_HOME was vulnerable. (SECURITY-49)

Revision 1.9 / (download) - annotate - [select for diffs], Sat Jan 12 11:16:26 2013 UTC (6 years ago) by ryoon
Branch: MAIN
Changes since 1.8: +4 -4 lines
Diff to previous 1.8 (colored)

Update to 1.480.2

Fix .

What's new in 1.480.2 (2013/01/06)
    The master key that was protecting all the sensitive data in $JENKINS_HOME was vulnerable. (SECURITY-49)

Revision 1.8 / (download) - annotate - [select for diffs], Mon Nov 26 14:22:14 2012 UTC (6 years, 1 month ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base
Branch point for: pkgsrc-2012Q4
Changes since 1.7: +4 -4 lines
Diff to previous 1.7 (colored)

Update to 1.480.1

What's new in 1.480.1 (2012/11/17)

    FilePath.validateAntFileMask too slow for /configure (issue 7214) (issue 14667)
    Log recorders do not work reliably (issue 15226)
    Invalid JSON is produced during remote api operations when a changeSet contains duplicate keys. (issue 13336)
    Memory exhaustion parsing large test stdio from Surefire (issue 15382)
    Fixed security vulnerabilities. (SECURITY-43,SECURITY-44,SECURITY-45)

Revision 1.7 / (download) - annotate - [select for diffs], Wed Sep 19 11:09:54 2012 UTC (6 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)

Update to 1.466.2

* Fix two security bugs

Changes in 1.466.2 is unavailable.

What's new in 1.466.1 (2012/07/23)

    A current active build in the build history is lost if the job configuration XML uploaded (issue 12318)
    UnprotectedRootAction doesn't work for /github-webhook/ (issue 14113)
    ERR_CONTENT_DECODING_FAILED returned on testResults and console output after Jenkins reload (issue 13625)
    Cannot parse coverage results Premature end of file. (issue 11251)

Revision 1.6 / (download) - annotate - [select for diffs], Fri Jul 13 18:41:45 2012 UTC (6 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (colored)

Update to 1.447.2

What's new in 1.447.2 (2012/06/11)

    Guice injector failure can cause failure of whole Jenkins (issue 13448)
    Jenkins runs out of file descriptors (winstone problem) (issue 9882)
    Parsing of POM happens before SNAPSHOT-Parents are updated (issue 8663)
    Loading All Build History Fails (issue 13238)

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 24 18:12:11 2012 UTC (6 years, 7 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)

Update to 1.447.1

What's new in 1.447.1 (2012/03/28)

    File handle leak in serving static files (issue 13097)
    LDAP config error (issue 8152)
    jenkins running in Tomcat doesn't initalize slf4j properly (issue 12650)
    java.lang.NoClassDefFoundError: org.slf4j.impl.StaticLoggerBinder (issue 12446)
    Remote call on CLI channel from [ip] failed (issue 12302)
    jenkins does not start in jboss container (issue 12334)

Revision 1.4 / (download) - annotate - [select for diffs], Sun Mar 11 11:44:37 2012 UTC (6 years, 10 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored)

Update to 1.424.6

* Fix security bug in Jenkins Core.

Revision 1.3 / (download) - annotate - [select for diffs], Fri Mar 2 06:55:40 2012 UTC (6 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)

Update to 1.424.3

What's new in 1.424.3 (2012/02/27)
    upgrade Apache Maven Wagon to 2.0 (issue 11164)
    ERROR at Matrix-based security (issue 9519)
    NPE: Failed to record SCM polling (issue 11592)
    JDK Auto install throws FATAL: org/apache/xml/utils/PrefixResolver (issue 11420)
    NoSuchMethodError on slf4j (issue 11960)

Revision / (download) - annotate - [select for diffs], Thu Jan 19 22:26:27 2012 UTC (7 years ago) by tron
Branch: pkgsrc-2011Q4
Changes since +3 -3 lines
Diff to previous (colored) next main 1.2 (colored)

Pullup ticket #3657 - requested by ryoon
devel/jenkins: security update

Revisions pulled up:
- devel/jenkins/Makefile                                        1.3
- devel/jenkins/PLIST                                           1.2
- devel/jenkins/distinfo                                        1.2

   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Thu Jan 19 14:39:21 UTC 2012

   Modified Files:
   	pkgsrc/devel/jenkins: Makefile PLIST distinfo

   Log Message:
   Update to 1.424.2

   * This release contains security fix.

   * Viewing large console logs with timestamper plugin cause Jenkins
     to crash (issue 9349)
   * Maven3 parallel build fails with java.util.ConcurrentModificationException
     in Jenkins (issue 11256)
   * Jenkins PID changes after restart (issue 11742)
   * Running Jenkins with the bundeled Winstone is succeptible to the hash table
     attack (SECURITY-22)

Revision 1.2 / (download) - annotate - [select for diffs], Thu Jan 19 14:39:21 2012 UTC (7 years ago) by ryoon
Branch: MAIN
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored)

Update to 1.424.2

* This release contains security fix.

* Viewing large console logs with timestamper plugin cause Jenkins
  to crash (issue 9349)
* Maven3 parallel build fails with java.util.ConcurrentModificationException
  in Jenkins (issue 11256)
* Jenkins PID changes after restart (issue 11742)
* Running Jenkins with the bundeled Winstone is succeptible to the hash table
  attack (SECURITY-22)

Revision / (download) - annotate - [select for diffs] (vendor branch), Thu Dec 8 14:09:25 2011 UTC (7 years, 1 month ago) by ryoon
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2011Q4-base
Branch point for: pkgsrc-2011Q4
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import jenkins-1.424.1 as devel/jenkins

Jenkins is an award-winning application that monitors executions
of repeated jobs, such as building a software project or jobs run
by cron. Among those things, current Jenkins focuses on the following
two jobs:

1. Building/testing software projects continuously, just like
CruiseControl or DamageControl. In a nutshell, Jenkins provides an
easy-to-use so-called continuous integration system, making it
easier for developers to integrate changes to the project, and
making it easier for users to obtain a fresh build. The automated,
continuous build increases the productivity.

2. Monitoring executions of externally-run jobs, such as cron jobs
and procmail jobs, even those that are run on a remote machine.
For example, with cron, all you receive is regular e-mails that
capture the output, and it is up to you to look at them diligently
and notice when it broke. Jenkins keeps those outputs and makes it
easy for you to notice when something is wrong.

This is Long-Term Support Release.

Tested on NetBSD/i386 5.99.58 with apache-tomcat7 and openjdk7.

Revision 1.1 / (download) - annotate - [select for diffs], Thu Dec 8 14:09:25 2011 UTC (7 years, 1 month ago) by ryoon
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>