Changelog Archive

Enhancement

Modernize progress bar UI in various locations. JENKINS-69113
Add ability for custom update centers to override the suggested plugin list. pull 8951
Enable readonly mode for dropdown menus when using the Extended Read Permission plugin. pull 8955

Bug fix

Restore progress animation in build history and build time trend views (regression in 2.434). JENKINS-72711
Admin monitor does not animate on page load (regression in 2.445). pull 8954

Enhancement

Make the Agent/Provision permission available in the global Security configuration when using matrix-based authorization strategies. JENKINS-72637
Remove the extra margin when viewing in read only mode. pull 8938
Create an index page for heap dump creation. pull 8929
Developer: Grant access to more FilePath APIs. pull 8924

Bug fix

Allow button clicks after closing an administrative monitor popup. JENKINS-72679

Security

Important security fix. 2024-03-20 security advisory

Enhancement

Prevent authenticated access to Resource Root URL. JENKINS-72636
Upgrade Winstone to 6.18 in order to update Jetty from 10.0.18 to 10.0.20. Winstone 6.15 changelog, Winstone 6.16 changelog, Winstone 6.17 changelog, Winstone 6.18 changelog, Jetty 10.0.18 changelog, Jetty 10.0.19 changelog, Jetty 10.0.20 changelog
Developer: Unrestricted FilePath.isDescendant pull 8913
Introduce an API to be used by the Folders plugin to fix some corner cases involving branch project reloading. JENKINS-72613

Bug fix

Improve locale parsing for loading of localised help files. JENKINS-72627
Support noCertificateCheck with webSocket on the CLI. JENKINS-72532
Show error message in progressive logs on 4xx status codes. JENKINS-72509
Avoid stacktrace from artifactarchiver when no artifacts are found. JENKINS-71700

Bug fix

Find selected radio option when validating instead of the last one. JENKINS-72505
Fix missing folder icons. JENKINS-72407
A security fix in 2.394 caused a substantial slowdown in displaying build artifacts when using remote artifact managers such as in S3. pull 8874
Adjust heap dump file name for compatibility with OpenJDK file suffix requirements. JENKINS-72579

Enhancement

Update the bundled Matrix Project Plugin from 818.v7eb_e657db_924 to 822.824.v14451b_c0fd42. JENKINS-72603

Security

Important security fixes. security advisory

Enhancement

Update operating system end of life data for Amazon Linux, Alpine Linux, and Fedora Linux. pull 8864
Remove unused material icons. pull 8831

Bug fix

Fix build button rendering for Dashboard View plugin. pull 8854
Change focus in the new item page only if from has a valid job name. JENKINS-66530

Enhancement

Add an Appearance category to the setup wizard. pull 8822
BootFailure subclasses can now override the Jenkins startup failure page. pull 8442
Reduce the window of time during which a crash may lead to an inconsistent state on Linux. pull 8815
Update the appearance of controls in header. pull 8791
Allow icon size to be changed in the node overview table. pull 8802

Bug fix

Remove code that may have caused an agent-side hang under a rare race condition. Remoting PR 713
Reduce the likelihood of thread creation errors on agents. Remoting PR 717

Bug fix

Avoid repeated tool downloads from misconfigured HTTP servers. JENKINS-72469
Fix SimpleScheduledRetentionStrategy on inbound agents. Allow suspended inbound agents to again accept tasks when they are reconnected and the configured scheduling policy is enabled. JENKINS-72370

Enhancement

Update the appearance of the stop button. pull 8780
Use a notification and Jenkins modal for 'Apply' button failures. pull 8394

Bug fix

Display correct time zone in build history. JENKINS-71965
The tunnel property on an inbound agent was inadvertently broken for JCasC usage in 2.437. It remains deprecated and usages should be deleted (regression in 2.437). pull 8793

Enhancement

Add telemetry for basic Java system properties describing the environment. pull 8787
Restyle widget panes. pull 8761
Rework node monitor configuration. JENKINS-72371
Ensure uptime is independent of system clock. JENKINS-72157
Show monitoring data on agent page. pull 8725
Deprecate all configurable options in **Launch agent by connecting it to the controller** (inbound in JCasC), as these are only useful in conjunction with the deprecated jnlpUrl mode. pull 8762
The jnlpUrl ${JENKINS_URL}/computer/${AGENT_NAME}/jenkinsagent.jnlp argument to the agent JAR has been deprecated. Use url ${JENKINS_URL} and name ${AGENT_NAME} instead, potentially also passing in webSocket, tunnel, and/or work directory options as needed. pull 8773
Developer: Allow replacing onclick attributes containing inline JS on l:task with datacallback. JENKINS-60866
Allow users to make side panel sticky. JENKINS-71578

Bug fix

Display strings consistently in the requested language when running Jenkins in a JVM with a non-english locale. JENKINS-72449
Fix nested job link in mobile view. JENKINS-72288
Do not show option to copy items when there are no items visible. JENKINS-72443

Bug fix

Prevent a deadlock that can occur when loading PermalinkProjectAction.Permalink. pull 8736

Enhancement

Accept all 2xx and 3xx status codes to validate proxy in HTTP Proxy Configuration JENKINS-72343
Tweak font styling to remove anti-aliasing. pull 8689
Make display name of HistoryWidget configurable for alternate text. pull 8740
Move the proxy configuration form to its own screen. pull 8693
Developer: A new convenience method ExtensionList.lookupFirst allows retrieval of the first implementation of an extension point. pull 8735

Bug fix

Fix redirect when renaming a cloud. JENKINS-71737
Avoid incorrect styling when deleting the first of two shell steps in a job definition. JENKINS-72196

Enhancement

Refine build status icons. pull 8705
FIPS mode now requires a minimum of 14 characters for a password. pull 8694
Allow configuration of disk thresholds globally and for each agent. Improve warning when disk space is too low. Ensure agents are taken offline when disk space is low. JENKINS-72009
Fail fast when attempting to load a broken plugin that contains the Jenkins test harness in production. pull 8714
Add support for Unix domain sockets. pull 442 (packaging)

Enhancement

Deactivate the administrative monitor when all previously offline agents are again online. JENKINS-72159
Prepare node monitors to work with configuration as code. JENKINS-64816
Introduce an API for build visualization plugins to serve alternative build console views and an API for plugins to produce links to the build console. JENKINS-71715

Enhancement

Stop recommending JNLP URL in agent launch instructions. pull 8639
Removed deprecated and unused class UserProperties. pull 8679

Bug fix

Some agent-related objects could be kept in memory after being disconnected and removed from the computer list. pull 8640

Enhancement

Remove build timeline widget from the build history pages of views, jobs, and agents. JENKINS-60866
More consistently report errors launching outbound agents. pull 8675
Warn users at 12 months prior to end of Java support and again at 3 months prior to end of Java support. JENKINS-72252
Add support for Unix Domain Sockets. Upgrade Jetty from 10.0.17 to 10.0.18. JENKINS-72266

Bug fix

Fix drag and drop handles for existing repeatables (regression in 2.335). JENKINS-72189
Refer to the correct option in the security configuration help text. JENKINS-72222
Restore security configuration help text and remove obsolete help text. pull 8630

Enhancement

Turkish localization fixes for build, login, and user management pages. pull 8651, pull 8631
Fix a minor memory leak in a Remoting log statement. Add forward proxy support for WebSocket. Support custom certificate options for WebSocket. pull 8643

Enhancement

Prevent trimming HMAC codes (using HAMCConfidentialKey) when running in FIPS mode only. pull 8612

Bug fix

Restore printing output from println and similar methods for the groovy CLI command (regression in 2.427). JENKINS-72181
Show the description of boolean build parameter values on the Parameters view (regression in 2.179). JENKINS-72179

Security

Important security fix. 2023-10-18 security advisory

Major enhancement

Add missing *_fr.properties in win32errors and hudson, lib, and Jenkins resources. Translate hudson/Messages.properties, hudson/model/Messages.properties, and jenkins/model/Messages.properties into French. pull 8594, pull 8595, pull 8578, pull 8577

Enhancement

Add telemetry for Jenkins uptime. pull 8596
Upgrade Winstone from 6.12 to 6.14. This includes the upgrade of Jetty from 10.0.15 to 10.0.17. The Jetty upgrade includes fixes for several CVEs. Winstone 6.13 changelog, Winstone 6.14 changelog, Jetty 10.0.16 changelog, Jetty 10.0.17 changelog, CVE-2023-44487
Developer: Formalize an interface for objects that can be loaded from disk. JENKINS-72107
Developer: Allow plugins to define a custom Lifecycle. JENKINS-72111

Bug fix

Fix multibranch Pipeline Add source and other uses that mix inputs and buttons (regression in 2.422). JENKINS-72170
Allow clouds to be reordered. This was previously possible, but disappeared when the cloud management was moved to a separate page (regression in 2.403). JENKINS-72020

Bug fix

Fix agent allocation due to label issue detected by vSphere Cloud plugin (regression in 2.421). JENKINS-71937
Show form validation results for form elements that are initially hidden. (regression in 2.355). JENKINS-71252
Remove previous form validation errors when the form validation is updated with new content. (regression in 2.355). JENKINS-71252

Enhancement

Disable anonymous usage statistics when run in FIPS mode. pull 8483, JEP-237
Developer: HudsonPrivateSecurityRealm objects are now serializable. JENKINS-72114
Developer: Add extension point to notify about in-process scripting events. JENKINS-41516
Developer: Optionally support a FIPS140 compliant algorithm in the Jenkins' own user database. JENKINS-71971 , pull 8393, JEP-237

Major enhancement

Remove outdated Prototype.js library. JENKINS-70906 , pull 7781, blog post
Use Java 17 as the default Java version in container images that do not specify a Java version in the container label. Docker pull request 1724

Enhancement

Automate the display of an administrative monitor when approaching Java end of life (EOL) dates. pull 8526
Optimized project deletion. pull 8528
Stop shipping net.sf.kxml:kxml2 because Jenkins no longer depends on it. pull 8503
Developer: introduce FIPS property for JEP-237 Jenkins Enhancement Proposal 237

Bug fix

Reduce high memory usage from XStream2.AssociatedConverterImpl (regression in 2.405). JENKINS-72067
Developer: Added setters for View#filterExecutor and View#filterQueue. Fix missing help sections for view filter executor and queue fields. pull 8511

Enhancement

Allow alternate values for "Build with Parameters" and the "Build" button on the parameters page. JENKINS-71866
Small speculative optimization in build loading. pull 8494
The minimum required Remoting version has been increased to 4.13 (released on March 4, 2022). pull 8484
Developer: Provide programmatic deletion support for LogRecorder. pull 8489

Bug fix

Prevent log spam when using the Jenkins security database and users signup. pull 8474
Show a confirmation popup when triggering l:task action from context menu. JENKINS-71880
Restore context menus of model links in build history views and in administrative monitors. (regression in 2.402). JENKINS-71890
Hide the delete button from the only repeatable element in configuration forms when at least one element is expected (regression in 2.344). JENKINS-72018
Do not create a large number of threads when making numerous HTTP requests. JENKINS-72016

Security

Important security fixes. security advisory

Enhancement

Move node monitoring option to app bar. pull 8381
Developer: make branding an extension via SimplePageDecorator. pull 8462

Bug fix

Symbols display in breadcrumbs now. JENKINS-71983

Major bug fix

Prevent incorrect readResolve implementations from breaking agent label parsing. pull 8448

Enhancement

Update several buttons and menus to replace YahooUI in more locations. pull 8418
List plugins in deterministic order to improve diagnosability of plugin linkage errors. JENKINS-71950
Add telemetry collecting basic information about the security configuration. pull 8440
Update Turkish localization for the new job page. pull 8446
Upgrade to Winstone 6.13 to include Jetty 10.0.16. Winstone 6.13 release notes, Jetty 10.0.16 changelog
Developer: Initialize default view slightly earlier in the initialization process. pull 8413

Major enhancement

Add a nicer 404 error page. JENKINS-71087

Enhancement

Add appearance system configuration page. pull 8403
Optimize performance of label parsing. pull 8395

Bug fix

Fix invalid CSS which caused some buttons to become invisible on hover. JENKINS-71479
Message no longer appears twice when the agentLog option is used. JENKINS-38520

Enhancement

Move plugins page title into sidebar so that plugins app bar is at the top of the page. pull 8376
Remove eval call in hudsonbehavior.js. JENKINS-71514
Update Turkish localizations for the job configuration page. pull 8368
Refresh link design. pull 8375
Display a notice when plugin updates are available or when there are no plugins installed. pull 8208
Update the design of the content blocks. pull 8363
Remove the unnecessary hashelp class additions from hudsonbehaviour.js. pull 8355
Deprecate findAncestor and findAncestorClass in hudsonbehaviour.js. pull 8357

Bug fix

Hide administrative monitors icons/popup in the header of Manage Jenkins, as they're shown directly on the page. JENKINS-71848
The plain text console log will still be printed even if some console annotations are corrupt. JENKINS-61452
Fix link to job in the message informing administrators of trigger computations that run for an unusually long time. JENKINS-71833

Enhancement

Remove the addition of the 'has-help' class from hudson-behaviour.js. pull 8355
Display a notice when there are plugins installed or updates available. pull 8208
Update the design of the content blocks. pull 8363
Deprecate findAncestor and findAncestorClass in hudson-behaviour.js. pull 8357

Bug fix

Use standard size node icon even with long node names. pull 8089

Bug fix

New login page breaks login theme plugin. JENKINS-71238
Fix "Manage Jenkins" context menu (regression in 2.415). JENKINS-71744
Fix mistranslation of Japanese message in mailing list reference. pull 8324

Enhancement

Small optimization in computer list. pull 8299
Remove the treeview option for artifactList. JENKINS-71054
Remove a workaround that was only necessary for OpenJDK 11.0.16 and earlier. pull 8193
Use new jenkins-button styling for 'expandableTextbox' button. pull 8180
Log agent usage by job. pull 8283
Make tab panes accessible via keyboard. JENKINS-71496
Remove System V initialization scripts from RPM based installers. The System V initialization scripts were replaced in March 2022 with systemd initialization. RPM users with a custom log directory no longer have a logrotate(8) configuration out-of-the-box. pull 409 (packaging), Linux install packages migrated from System V init to systemd
Add allow-same-origin to the sandbox ContentSecurityPolicy directive of workspace and artifact browsers if the Resource Root URL feature is not used. Allow requests to resources like stylesheets and images, even if a reverse proxy prohibits cross-site requests. JENKINS-71366

Bug fix

Add the X-Content-Type-Options HTTP header to the response from the agent listener. Silence security scanners that incorrectly report an issue when the HTTP header is missing. JENKINS-71186
Only disable the plugin manager "install" button if no plugins are selected (regression in 2.414). JENKINS-71698

Security

Important security fix. security advisory

Major enhancement

Replace browser confirm with modal dialogs in many places. JENKINS-71438
Developer: API for alert, confirm, prompt, modal and form dialogs JENKINS-71438

Enhancement

Add last build status to job page. pull 8129
Remove the rebuild plugin from the setup wizard plugin selection. pull 8258
Remove long deprecated hudson.util.IOUtils#DIR_SEPARATOR, hudson.util.IOUtils#DIR_SEPARATOR_WINDOWS, hudson.util.IOUtils#DIR_SEPARATOR_UNIX, hudson.util.IOUtils#LINE_SEPARATOR, hudson.util.IOUtils#LINE_SEPARATOR_WINDOWS, and hudson.util.IOUtils#LINE_SEPARATOR_UNIX which are available from org.apache.commons.io.IOUtils. pull 7641

Bug fix

Estimate project duration accurately in more cases (regression in 2.407). pull 8233

Major enhancement

Allow cancelling the quiet down mode of a safe restart with an optional custom message for safe restarts (with new default message). Use a less dangerous color for the safeRestart banner. Allow setting the full prepareShutdown message instead of only the reason. Show a hint on the "Jenkins Unavailable" page about safe restarts. JENKINS-70059

Enhancement

Move the 'Update' and 'Install' buttons to the app bar. pull 8025
Improve CSP compatibility by uninlining javascript code. JENKINS-71034
Make the style of the legacy API token revoke button consistent with other buttons. pull 8210

Enhancement

Update appearance of buttons for password and secretTextarea matching 'jenkins-button's. pull 8179
Display a notice in the log manager page when no logs are available. pull 8186

Bug fix

Restore missing build history for external jobs (regression in 2.409). JENKINS-71553

Enhancement

Improve CSP compatibility. JENKINS-71042
Add or update MIME types for JavaScript files, JavaScript module files, AV1 Image File (AVIF) files, Web Open Font Format (WOFF) files, and WebAssembly files. Winstone 6.12 release notes
Improve CSP compatibility by removing inline JS event handlers. JENKINS-71040
Use CSS variables for logger colours. pull 8164

Enhancement

Update the Log Recorders interface. pull 8087
Add Japanese translation of Apply. pull 8140
Switch the doublelaunch checker to a regular administrative monitor. pull 8127

Bug fix

Remove animations on login page causing high CPU usage in some cases. JENKINS-71246

Enhancement

Improve sign in/register screens appearance on mobile. pull 7995
Developer: plugins can now contribute widgets for Computer, ComputerSet, View, Job. pull 7932

Bug fix

Allow user deletion from the trash can icon (regression in 2.405). JENKINS-71429
Fix a bug when searching for matching form elements (regression in 2.406). JENKINS-71383

Enhancement

Use jenkins-button for repeatable buttons. pull 7717
Add support for jakarta.inject annotations. pull 8065

Bug fix

Do not show Fedora 38 as an end of life operating system before actual end of life in 2024. JENKINS-71394
Hide the arrow next to the restart checkbox if the environment doesn't support it. pull 8076
Use correct update center proxy configuration hyperlink in error messages. JENKINS-71244

Bug fix

Jenkins 2.408 was not placed in the artifact repository or on the download site.

Enhancement

Warn administrators when their Linux operating system is approaching end of life. pull 7913
Announce early end of life for Red Hat Enterprise Linux 7 and its derivatives (like CentOS Linux 7, Scientific Linux 7, and Oracle Linux 7). pull 7913
Minor footer appearance tweaks. pull 7989
Developer: Make Cloud#reconfigure method public. pull 8053

Bug fix

Reduce the circumstances under which recent old builds will be loaded when starting new builds. pull 7998

Enhancement

Replace disconnect and system info symbols for agents. pull 8015
Developer: Expose UserSeedChangeListener extension point. pull 7997
Developer: do not call SaveableListener.fireOnChange anymore when reloading an AbstractItem. pull 7984
Developer: Support searches for matching form elements without the use of the Prototype JavaScript framework. pull 8008
Developer: Added a utility HttpServletFilter to the API. pull 7892

Bug fix

Prefix the name of input elements of ListView to prevent form submission issues when an Item (job) is named elements. JENKINS-71200

Enhancement

Adjust form label padding. pull 7962
Use dialogs to delete computers, views, clouds, users and logrecorders. JENKINS-13545
Improve class loading behavior looking up special formatters for XML configuration files. pull 7976
Upgrade from Guice 5 to 6. pull 7990, Guice 6.0.0 release notes
Developer: Queue items elements are now formalized using jenkins.model.queue.QueueItem. pull 7926

Bug fix

Restore support for ECharts API plugin (regression in 2.404). JENKINS-71236
Make "Skip to content" link visible through keyboard navigation. pull 7956
Fix support of clouds without a config.jelly file. pull 7972

Major enhancement

Revamp the sign-in and register pages. Add support for browser-native themes like darkmode. pull 7872

Enhancement

Make title sticky in legend. JENKINS-71177
Move plugins refresh button to app bar. pull 7770
Add a user experimental flag to run Jenkins without Prototype.js. Plugin authors should enable this flag and fix any issues that result from the removal of Prototype.js. In the future Prototype.js will be removed from Jenkins core. pull 7948

Bug fix

Fix the writing of emojis to XML (regression in 2.403). JENKINS-71182
Allow parameter positions to be reordered in job definitions (regression in 2.402). JENKINS-71089

Enhancement

Remove support for WebSocket agents when running inside Jetty 9. pull 7101
Align source code text and line numbers in views that render source code with the Prism plugin. JENKINS-70805
Rework clouds management into multiple pages to better scale to a large numbers of clouds. Users of EC2 Plugin should update it to version 2.0.7 or newer for compatibility. JENKINS-70729
Developer: The experimental projectViewNested view has been removed without replacement. JENKINS-70927

Bug fix

Show full width filter field for builds on pages less than 970 pixels wide. JENKINS-71115
Do not write NUL values to XML files. A technically illegal #x0 (NUL) could be written to Jenkins XML files but could no longer be read. Now the write will fail as well (regression in 2.398). JENKINS-71139
Fix the warning icon in the workspaces temporary directory message. JENKINS-71160
Do not display a list of page sections on the System page breadcrumb. JENKINS-71152
Add padding to the right side of the full width side panel. JENKINS-70115

Enhancement

Update appearance and framework for link dropdown menus. pull 7474
Remove duplicate section headers from the Tools page. Remove border at the top of the Tools page for consistency with other pages. pull 7716
Hide the filter field when there's no build in Build History Widget. JENKINS-70220
Upgrade Winstone from 6.10 to 6.11. This includes the upgrade of Jetty from 10.0.13 to 10.0.15. Winstone 6.11 release notes, Jetty 10.0.14 changelog, Jetty 10.0.15 changelog

Bug fix

Restore conditional rendering of headers in some pages and remove non-functional drag handle from some headers (regression in 2.335). JENKINS-71089

Enhancement

Add updates count badge to Updates sidebar item. pull 7084
Simplify loading of JavaScript and CSS. Users of OWASP DependencyTrack must upgrade to 4.3.1 or later, and users of ServiceNow CI/CD must upgrade to 2.1 or later. pull 7827
Upgrade Spring Framework from 5.3.26 to 5.3.27. Spring Framework 5.3.27 release notes

Bug fix

Properly iterate over class names in heterogeneous lists (regression in 2.400). pull 7845

Security

Important security fix. 2023-06-14 security advisory

Bug fix

Fix radio buttons in repeated blocks in configuration forms (regression in 2.391). JENKINS-70988
Fix null pointer exception on the "Manage Jenkins" page when HTTP/2 is enabled. JENKINS-70630

Enhancement

Sign WAR file and Windows installer with new code signing certificate. pull 358

Enhancement

Use a card layout instead of a table for the dashboard on mobile. pull 7581
Refresh the Build with Parameters interface. pull 7748

Bug fix

Support emoji in Job DSL scripts. JENKINS-69129

Enhancement

Add missing Turkish translations for plugins management page. pull 7767
Add missing Turkish translations for tools management page. pull 7762
Upgrade Spring Framework from 5.3.25 to 5.3.26. Spring framework BOM 5.3.26 release notes, pull 7760

Bug fix

Don't remove id inside symbol. JENKINS-70730
Fix "delete build" button text overflow. JENKINS-70809

Enhancement

Revamp icon legend as a modal. pull 7718
Remove the expand-button component as it's no longer used. pull 7732
Refresh the design of the About Jenkins page. pull 7712

Bug fix

Hide the Restart Jenkins checkbox in the update center if the controller doesn't support it. JENKINS-69489
Restore the New Node button in computer overview for users with node creation permission. JENKINS-70820
Suppress some noisy stack traces from ProcessTree. pull 7681
Avoid a ClassCastException from TokenBasedRememberMeServices2 (not known to occur in realistic environments). pull 7724
SlaveRestarter implementations are now only installed on static agents. Use Djenkins.slaves.restarter.JnlpSlaveRestarterInstaller.forceInstall=true to fall back to the previous behaviour in case of any issue. pull 7693

Enhancement

Introduce user experimental flags. JENKINS-69853
The stopbuilds command did nothing if the last build of the job was already finished, even while earlier builds were running. pull 7679
Add copy button to Jenkins home directory. pull 7678
Simplify the names of the settings in Manage Jenkins. pull 7661

Bug fix

Adjust websocket idle timeout to 60s seconds by default to avoid "WebSocketTimeoutException: Connection Idle Timeout" issues. Idle timeout is configurable via jenkins.websocket.idleTimeout=<timeoutInSeconds>. JENKINS-69955

Security

Important security fixes. security advisory

Enhancement

Limit the maximum number of search results.

Bug fix

Disable unwanted browser form validation. JENKINS-70662
Restore installNecessaryPlugins redirect destination. JENKINS-70599

Enhancement

Warn user that copy button requires HTTPS. JENKINS-21052

Enhancement

Add a copy button for the code snippets that start agents. pull 7625
Update bundled plugins to include fixes announced in 20230124 and 20230215 Jenkins security advisories. pull 7651, 2023-01-24 security advisory, 2023-02-15 security advisory
Developer: Ensure required Jelly arguments are correctly labeled as required. pull 7644

Enhancement

The default connection mode for the Java CLI client is now webSocket. You can specify http to continue to use the former default (for example because you are running Jenkins in a servlet container other than the recommended builtin Jetty, or because you are running an unusual reverse proxy which does not support WebSocket). You can also continue to specify ssh to use SSH transport (for example because you prefer to authenticate with a private key rather than an API token), or use a native SSH client. pull 7605
Upgrade bundled Winstone from 6.7 to 6.10. Add the excludeProtocols option. Improve logging during shutdown. pull 7632, Winstone 6.10 changelog, Winstone 6.9 changelog, Winstone 6.8 changelog

Bug fix

Correct responsive behavior on resize of the 'About Jenkins' page. JENKINS-70191
Fix the behaviour of filtering in Build History Widget. JENKINS-70438
Fix behaviour of booleanRadio in a repeatable section. JENKINS-70139
Fix computer links navigation consistency. pull 7608

Enhancement

Running pipeline build logs can now be displayed across controller restarts without reloading in some environments. pull 7614

Bug fix

Update bundled Apache Mina SSHD API plugins from 2.9.1-44.v476733c11f82 to 2.9.2-50.va_0e1f42659a_a. Include fix for unsafe deserialization in SimpleGeneratorHostKeyProvider. pull 7623, JENKINS-70554 , CVE-2022-45047
Do not submit empty telemetry data if an error occurred during data collection. JENKINS-70533
Allow WebSocket agent connections to time out after 5m if a write never succeeds. JENKINS-70531

Bug fix

Move set node temporarily offline/online buttons to appbar. JENKINS-70394
Encode cloud name in Cloud#getUrl. pull 7573

Enhancement

Developer: Agent log location honors system property hudson.triggers.SafeTimerTask.logsTargetDir. pull 7595
Developer: Introduced an API SubTask.getOwnerExecutable to be implemented in Pipeline. pull 7599

Bug fix

Fix the TcpSlaveAgentListenerRescheduler functionality. TcpSlaveAgentListener is automatically restarted on failure. JENKINS-70334

Enhancement

Upgrade Spring Framework from 5.3.24 to 5.3.25. Spring Framework 5.3.25 includes 18 fixes and documentation improvements. Spring Framework 5.3.25 release notes

Enhancement

Remove the notice in the plugin manager "Updates" page for newer plugin versions that are not compatible with your current core version. Limit the display of updates to plugin versions actually being offered by the update center for your core version. JENKINS-62332
Add missing breadcrumb items in various locations. JENKINS-70169

Bug fix

Close connection on the agent if the agent's liveness ping receives no response. JENKINS-70414

Enhancement

Do not report implied dependencies for WMI Windows Agents plugin. JENKINS-70301
Developer: f:file now uses the morph tag library, all unknown attributes will be copied to the element. pull 7562

Enhancement

Allow HTML syntax for node descriptions. pull 6511
Hide values in tables showing potentially sensitive system properties and environment variables by default. pull 6843
Add support for badge icons in Management links. JENKINS-69339
Add tabs to System Information page. pull 7373
Add missing breadcrumb items for agents. JENKINS-70169
Restyle file uploads to match modern forms UI. pull 7452
Add missing breadcrumb items in logging views. JENKINS-70169
Add missing breadcrumb items in builds. JENKINS-70169
Add missing breadcrumb items for agents. JENKINS-70169
Add missing breadcrumb items in Views. JENKINS-70169
Add missing breadcrumb items in abstract classes. JENKINS-70169
Add missing breadcrumb items in User page. JENKINS-70169
Add missing breadcrumb items in system information page. JENKINS-70169
Update the design of the 'Advanced' button. pull 7173
Upgrade XStream from 1.4.19 to 1.4.20. This maintenance release addresses two security vulnerabilities that can cause a denial of service by raising a stack overflow in affected applications. It also provides new converters for Optional and Atomic types. pull 7548, XStream 1.4.20 changelog, XStream CVE-2022-40151, XStream CVE-2022-41966

Bug fix

Revert "Label 'Dismiss' buttons red." that was introduced in 2.378. JENKINS-70128
Do not prompt the user that changes may not have been saved after apply has been clicked. JENKINS-70112
Remove negative letter spacing to improve legibility in some languages and fonts. pull 7475
Align table headers with columns. JENKINS-70117

Enhancement

Align Build Executor Status collapsed content with build queue design pattern. JENKINS-70121
Remove support for log rotation via SIGALRM. The command-line argument --daemon has been removed. pull 7256

Bug fix

Restore link to last breadcrumb. JENKINS-70169

Enhancement

Add search bar for top level settings in Manage Jenkins. pull 7314
Robustness improvement regarding build number collisions. JENKINS-23152
Allow plugins to generate symbol markup from Java code. JENKINS-68805

Bug fix

Prevent Angry Jenkins when checking a non http(s) based update center URL. JENKINS-70240
Improve robustness of class loading on agents. pull 7526
Delaying initialization of cryptography needed for TCP inbound agents unless and until such an agent is connected. JENKINS-70206

Enhancement

Upgrade Guice from 5.0.1 to 5.1.0. Guice 5.1.0 contains eight fixes and improvements. Guice 5.1.0 Upgrade Guide
Add telemetry related to distributed builds. JENKINS-70199
Provide native Java 11 HTTP client versions of FormValidation#URLCheck methods. pull 7508

Bug fix

Fix the update of disabled plugins. JENKINS-69183

Bug fix

Improve tooltip performance. JENKINS-70178

Major enhancement

Update appearance and framework for tooltips. pull 6408

Enhancement

Upgrade Spring Security from 5.7.5 to 5.8.0. Spring Security 5.8.0 includes 71 fixes and improvements. Spring Security 5.8.0
Developer: better error logging for unexpected problems in Computer.threadPoolForRemoting. pull 7284

Bug fix

Delete .disabled files when uninstalling a plugin. JENKINS-68194

Enhancement

Jenkins no longer bundles a patched version of the deprecated Commons HttpClient 3.x library for use by plugins. Plugins should be migrated to the native Java 11 HTTP client or updated to depend on the legacy Commons HttpClient 3.x API plugin. Jenkins patched HttpClient library, Commons HttpClient 3.x
Set default file size rotation of AsyncPeriodicWork / AsyncAperiodicWork task logs. JENKINS-64151
Remove the deprecated WMI Windows Agents plugin from the setup wizard. pull 7414
Remove the deprecated Multijob plugin from the setup wizard. pull 7413
Add the URL of a plugin to the 'systemInfo' view. pull 7367
Add a "copy to clipboard" button to controller and agent thread dump pages. Remove the side panel from controller thread dumps. pull 7368
Developer: Introduce a high level HTTP client API. pull 7398
Upgrade Spring Framework from 5.3.23 to 5.3.24. Spring Framework 5.3.24 includes 33 fixes and improvements. Spring Framework 5.3.24

Bug fix

Fix the animation of the popup dialog in the admin monitor. JENKINS-70036
Memory leak when repeatedly connecting WebSocket agents. JENKINS-70103
Wait for 10 seconds before attempting to reconnect a WebSocket agent regardless of whether or not the controller is responding. Pull request 603
Fix a race condition affecting the launch of inbound agents. pull 7378

Enhancement

Label 'Dismiss' buttons red. pull 7364
Replace 'Changes' view icon with a symbol. pull 7229
Update 'Manage Nodes' page to use app bar and remove sidebar from 'New Node' page. pull 7352
Add telemetry for activation of permissions that are not enabled by default. JENKINS-70044
The minimum required Remoting version has been increased to 4.7 (released on February 16, 2021). pull 7340

Bug fix

Fix overlapping buttons in administrative monitors. pull 7366
Fix consoleview bouncing when new entries appear. JENKINS-69587
Fix error on profile page if the gravatar plugin is installed. JENKINS-70023
Reduce size of the focus state (regression from 2.366). JENKINS-69517

Enhancement

Remove deprecated and unused class UnbufferedBase64InputStream. pull 7335
Developer: Allow detached plugin location to be overridden. pull 7303
Upgrade Spring Security from 5.7.4 to 5.7.5. Spring Security 5.7.5 includes fixes for two authorization mapping issues affecting the scopes in spring-security-oauth2-client and org.springframework.security.web.access.intercept.AuthorizationFilter. Spring Security Release 5.7.5, CVE-2022-31690, CVE-2022-31692

Enhancement

Avoid unnecessary configuration save when reloading configuration from disk. pull 7305
Update ANTLR2 grammars and code to ANTLR4. JENKINS-68652
Update submit buttons to use .jenkins-button classes. pull 7203

Bug fix

Use inbound as the preferred symbol rather than jnlp for inbound agents in JCasC. pull 7171
Prevent deadlock on WebSocket agents. pull 7309

Major bug fix

Prevent a stack overflow when loading a queue (regression in 2.361). JENKINS-69850

Major enhancement

Improve breadcrumb bar accessibility. pull 6912
Update the design of notifications. pull 7049
Update the weather and status icons. JENKINS-65124

Enhancement

Suppress log messages from periodically running background tasks, such as "Periodic background build discarder". pull 7281
Update design of Manage Users page. pull 7197
Align the default value of the HTTP keep-alive timeout in Winstone with that of the upstream Jetty project by changing it from 5 seconds to 30 seconds. Remove unused --ajp13Port, --ajp13ListenAddress, --handlerCountMax, and --handlerCountMaxIdle options. JENKINS-69509 , Align HTTP keep-alive with Jetty default
Update bundled Script Security Plugin from 1172.v35f6a_0b_8207e to 1189.vb_a_b_7c8fd5fde. Update bundled Pipeline: API Plugin from 1144.v61c3180fa_03f to 1164.v760c223ddb_32. Update bundled Pipeline: Supporting APIs Plugin from 813.vb_d7c3d2984a_0 to 839.v35e2736cfd5c. Update bundled SCM API Plugin from 602.v6a_81757a_31d2 to 608.vfa_f971c5a_a_e9. 2022-10-19 Security Advisory, 2022-10-19 Security Advisory
Developer: Improve JNLP Port Unreachable error message with host value. pull 7282
Upgrade Spring Security from 5.7.3 to 5.7.4. Spring Security 5.7.4 includes dependency upgrades and minor fixes. Spring Security Release 5.7.4

Bug fix

Prevent exception from being thrown when attempting to initiate a safe restart. (regression in 2.374) JENKINS-69904 , pull 7091
Table column header highlight is overlapping with other header highlight. JENKINS-69689
Fix ClassCastException when trying to build a Job whose parameter list is empty. JENKINS-69637
Allow serialization of atomic boolean data types on Java 17. Unable to serialize AtomicBoolean on Java 17

Enhancement

Clarify safe restart won't wait for Pipeline jobs. pull 7091
Allow form checker to check more than one thing at a time. pull 6951
Replace the old Jenkins table layout in the slow trigger administrative monitor with the new Jenkins table layout. JENKINS-69714
Add documentation for the --paramsFromStdIn and --version command-line options. pull 7246
Developer: Add support for the app-bar component in the side panel. pull 7051

Bug fix

Fix sorting of British currency in tables. pull 7250

Enhancement

Use a more appropriate icon for log records. pull 7217
Use a more appropriate Manage Old Data icon. pull 7216
Deprecate the --extraLibFolder option for removal on or after January 1, 2023. Remove the --toolsJar and --useJasper options. pull 7112, Deprecate --extraLibFolder option, Remove unused JSP options

Bug fix

Ensure that temporary network partitions do not cancel the WebSocket ping thread (regression in 2.363). pull 7195

Enhancement

Improve the error message when running the controller on an unsupported Java version. pull 7185
Add a "Reset to default" button to reset update site url to default. JENKINS-69032
Modernize update center check button. pull 7183
Modernize session termination button. pull 7182
Improve performance when killing processes at the end of a build on Windows. JENKINS-67681
Upgrade the bundled Instance Identity plugin from 3.1 to 116.vf8f487400980. pull 7175
Introduce a new interface TriggeredItem. pull 7131

Bug fix

Support staging of releases (regression in 2.361). pull 7138
An exception is no longer thrown when stopping a stuck build on Windows on Java 17. JENKINS-69647

Security

Important security fix. security advisory

Enhancement

Replace header icons with ionicons. pull 7098
Press '/' to focus the search bar on a page. pull 7074
Winstone 6.4: Upgrade Jetty from 10.0.11 to 10.0.12. Support HTTP/2 without the use of a custom --extraLibFolder option. pull 7117, JENKINS-69624 , Winstone 6.4 changelog, Winstone 6.3 changelog, Jetty 10.0.12 changelog
Upgrade Spring Framework from 5.3.22 to 5.3.23. pull 7112, Spring Framework 5.3.23 changelog
Developer: Remove managed, provided dependency on log4j 1.2.17. Plugin builds that depend directly or transitively on log4j 1.2.17 must remove this dependency or exclude it from their build in order for their build to pass. pull 7028
Export hudson.model.Run#isInProgress to the json API. JENKINS-68981

Major bug fix

Fix broken UI on Configure Global Security form when plugins with active security warnings are installed (regression in 2.368). JENKINS-69627

Bug fix

Table columns get wider or smaller depending on the sort selection. JENKINS-67864
Improve build progress animation when refreshing parts of the history/executors widget. JENKINS-68627
Fix a race condition that causes file descriptor leaks when cloud agents are created. JENKINS-69534
Trigger form validation events after editing a CodeMirror formatted text area. JENKINS-15604

Enhancement

Show recommended actions (e.g., to update affected plugins) in security warnings popup. pull 7046

Bug fix

Fix thread safety in websockets handling. JENKINS-69543

Enhancement

Add sidebar to plugin manager, increase search bar size. pull 6783
Add support for Apple's touch bar icons. pull 6768
Minor changes to empty state arrow icon and header user profile icon. pull 7052
Removed: The signed jenkins-parent-${JENKINS_VERSION}-src.zip source archives have been removed from Artifactory for future releases. Users who wish to download source archives for offline consumption are encouraged to do so via GitHub. pull 7061, Artifactory, GitHub source code download
Provide more information about the agent connection when it fails with EOFException. pull 7053
Display email form validation errors near the data entry field in the setup form. JENKINS-68952
Developer: Enable ProjectNamingStrategy to check the full name of a new item. JENKINS-68602

Bug fix

Fix autosizing of CodeMirror textbox. JENKINS-69359
Fix bouncing build number element on mouse hover. JENKINS-69145
Properly reset attributes of cached symbols. JENKINS-68805
The dropdown chevron on the build executor queue is no longer misplaced, if the widget is refreshed. JENKINS-69114

Bug fix

Fix searchBar is null issue in setup wizard and when using custom Jenkins headers. JENKINS-69250
Fix a potential FileAlreadyExistsException error on startup on systems with slow I/O. JENKINS-67624
Add focus state in radio buttons. JENKINS-69398

Enhancement

Developer: Temporarily restore compatibility with PowerMock-based tests (regression in 2.358). Support for PowerMock will be completely removed on or after June 1, 2023. pull 7033
Upgrade Simple Logging Facade for Java (SLF4J from from 1.7.36 to 2.0.0. pull 7021, Changes in version 2.0.0 of the Simple Logging Facade for Java (SLF4J), SLF4J fluent logging API

Bug fix

Fix the resize behavior of Execute Shell build steps. JENKINS-69320
Allow agent processes to access the changed inbound agent connection URL (regression in 2.364). JENKINS-69370
Restore focus state for checkboxes (regression in 2.361). JENKINS-69276

Enhancement

Developer: Deprecate AdministrativeError. pull 6987
Developer: Upgrade Spring Security from 5.7.2 to 5.7.3. Spring Security 5.7.3 includes 19 fixes and improvements. pull 6997, Spring Security 5.7.3 changelog

Enhancement

Remove hierarchal sidebar links. pull 6907
Update design of buttons on the dashboard. pull 6799
Developer: Support usage of PluginManager#whichPlugin in JenkinsRule-based tests. pull 6982
Upgrade Winstone from 6.1 to 6.2. pull 6978, Winstone 6.2 changelog

Security

Important security fix. 2022-09-09 security advisory

Enhancement

Winstone 6.1: Upgrade Jetty from 9.4.46.v20220331 to 10.0.11. Remove support for OpenSSL-style PEM-encoded RSA private keys when running Jenkins with the embedded Jetty (Winstone) container and TLS. The flags --httpsPrivateKey and --httpsCertificate have been removed. pull 6801, JENKINS-68694 , Winstone 6.0 changelog, Winstone 6.1 changelog, Jetty 10 and 11 blog post, Remove ability to load pem cert for winstone, Documentation
Replace magnifying glass icon with computer icon in node overview. JENKINS-69202

Bug fix

Fix an error when rebuilding jobs triggered by polling (regression in 2.358). JENKINS-69210
Version select input is out of style with other drop down select input JENKINS-69240
Retain the position of the project configuration SCM checkbox when it is selected. JENKINS-68957
Add a space between repeating chunk items. JENKINS-69230

Enhancement

Use same styling on test overview bar as other Jenkins components. JENKINS-68578
Remove the tap highlight for iOS devices. pull 6924
Upgrade Eclipse Tyrus from 2.0.1 to 2.1.0. pull 6941, Eclipse Tyrus 2.1.0 overview
Upgrade Apache MINA SSHD from 2.8.0 to 2.9.0. pull 6903, Apache MINA SSHD 2.9.0 release notes
Introduced SetContextClassLoader utility class to assist in plugin class loading. pull 6575

Bug fix

Improve performance of a previous fix for java.lang.OutOfMemoryError: unable to create new native thread on agents. JENKINS-65873
Fix sorting by timestamp list of installed plugins in plugin manager. JENKINS-68750
Use correct plugin identifier when plugin id includes '-plugin' more than once. JENKINS-68801
Do not lead to other pages when users press enter key in the filter box of dropdown lists. JENKINS-68851

Enhancement

Remove 'Workspace' and 'Recent Changes' project summary buttons pull 6918
Tabs now appear above their respective sections, not at the top of the page. pull 6873
Keyboard shortcut added to focus global search bar (CMD + K/CTRL + K). pull 6893
Remove onclick and disabled attributes from f:toggleSwitch. JENKINS-60866
Remove support for Flash-based cross-domain (XDR) transaction support in YUI 2: Connection Manager. JENKINS-68994
Blocked upstream projects in the queue block downstream projects when the option "Block build when upstream project is building" is enabled for the downstream project. Blocked downstream projects in the queue block upstream projects when the option "Block build when downstream project is building" is enabled for the upstream project. JENKINS-68780

Bug fix

Update center checkboxes keep focus state after they have been clicked. JENKINS-68788
Change state of plugin manager "select all" checkbox when it is clicked. JENKINS-69110
Fix build number cutoff in build history widget. JENKINS-68390
Retain the search pattern and results across collapsing and reopening the dropdown list. JENKINS-68732

Enhancement

Remove the "New View" sidebar link. pull 6703
Rework "Updates" table checkbox selection controls. pull 6806
Add breadcrumbs to "Manage Jenkins" and children of it. Developers should ensure they use relative links for navigating between pages if they are a child of "Manage Jenkins". pull 6126
Upgrade Spring Framework from 5.3.21 to 5.3.22. Spring Framework 5.3.22 includes 45 fixes and improvements. pull 6844, Spring Framework 5.3.22 changelog

Bug fix

Do not include links on bread crumb elements that do not define a hyperlink destination. JENKINS-68986
Make context menu shadow darker than before. JENKINS-68985
Make progress bar easy to see. JENKINS-68672

Major enhancement

New design for configure project page. JENKINS-68282

Bug fix

Do not drop scale on sidebar symbols when the link text is longer than a line. JENKINS-68816
Remove the margin from the changelog url. JENKINS-68960
Don't display the job creation button to a user without Job/Create permission. JENKINS-68208

Enhancement

Developer: Support Java 11 in hudson.slaves.Channels#newJVM. pull 6723

Enhancement

Utilize modernized table in old data page. JENKINS-68198
Small revamp to loading spinner design. JENKINS-68934
Copy button design updated. pull 6698
Use modern checkbox for the reboot checkbox of the plugin manager. JENKINS-68912
Upgrade Java Native Access from 5.12.0 to 5.12.1. JNA 5.12.1 changelog, pull 6718
Developer: Deprecate Functions.singletonList which is not normally needed in JEXL. pull 6740
Developer: Jenkins core .properties files are now encoded in UTF-8. JENKINS-41729

Bug fix

Reverting prior attempts to make log records collectible. JENKINS-68417
Use a single border around CodeMirror boxes. JENKINS-68836
Use a solid background to make the build history pagination control more visible. JENKINS-68644
Make previous boot attempt timestamps available to boot-failure.groovy startup hooks (regression in 2.308). JENKINS-68848
Do not show the node log details link to users without permission to read the log. JENKINS-68642
Fix links in breadcrumb context menus to items in subfolders. JENKINS-68906
Avoid Amazon Corretto JDK issue by placing initialization logic into a well-defined package namespace. Amazon Corretto JDK issue due to hotpatch for Apache Log4j 2

Major enhancement

Require Java 11 or newer. Blog post, JENKINS-68570 , JEP-236, pull 6083

Enhancement

The install-plugins.sh script has been removed from the Docker containers after 18 months as a deprecated script. Manage plugin versions in containers with the plugin installation manager tool. The plugin installation manager tool is available in the image as jenkins-plugin-cli. Plugin installation manager tool, pull 1380
The instance-identity module has been converted to a detached plugin. JENKINS-55582
Update the minimum required Remoting version to 4.2.1. pull 6671
Update bundled JUnit plugin from 1.47 to 1119.1121.vc43d0fc45561 for security advisory. 2022-06-22 security advisory, pull 6582
Upgrade Spring Security from 5.7.1 to 5.7.2. Spring project spring-security 5.7.2 release notes, pull 6674
Bump spring-framework-bom from 5.3.20 to 5.3.21. Spring framework BOM 5.3.21 release notes, pull 6674
Upgrade Java Native Access (JNA) from 5.11.0 to 5.12.0. JNA 5.12.0 changelog, pull 6707
Allow plugin definition file (plugins.txt) to be generated from contents of the plugins directory. Upgrade plugin installation manager tool from 2.12.6 to 2.12.7. Plugin installation manager tool 2.12.7 changelog
Update bundled Display URL API plugin from 2.3.5 to 2.3.6. pull 6678
Update bundled Pipeline API plugin from 2.42 to 1144.v61c3180fa_03f. pull 6678
Update bundled Plugin Utilities API plugin from 1.5.0 to 2.16.0. pull 6678
Update bundled Checks API plugin from 1.1.1 to 1.7.4. pull 6678
Update bundled ECharts API plugin from 4.9.0-2 to 5.3.2-1. pull 6678
Update bundled SnakeYAML API plugin from 1.27.0 to 1.29.1. pull 6678
Update bundled JQuery3 API plugin from 3.5.1-2 to 3.6.0-2. pull 6678
Update bundled Font Awesome API plugin from 5.15.1-1 to 6.0.0-1. pull 6678
Update bundled SCM API plugin from 2.6.5 to 602.v6a_81757a_31d2. pull 6678
Update bundled Structs plugin from 1.23 to 308.v852b473a2b8c. pull 6678
Replace bundled Bootstrap 4 API plugin 4.5.3-1 with Bootstrap 5 API plugin 5.1.3-6. pull 6678
Replace bundled Popper.js API plugin 1.16.0-7 with Popper.js 2 API plugin 2.11.2-1. pull 6678
Add bundled Pipeline Supporting APIs plugin 813.vb_d7c3d2984a_0. pull 6678

Bug fix

Fix radio buttons selection offset. JENKINS-68799
Plugins selected for update cannot be unselected once the update has started. JENKINS-68730
Fix raster image build status icons no longer displaying when running Jenkins with a non-empty context path due to a malformed URL. JENKINS-68639
Show all log messages when an inbound agent fails to connect (regression in 2.310). JENKINS-68785
Fix 'unavailable plugin' messages in plugin manager. pull 6656
Ignore duplicate log recorders keyed by same name. JENKINS-68752
Tags and other sortable items are now displayed in the alphabetical order if the name contains more than one dot. pull 6627
Add sidepanel links on the error page displayed when a user incorrectly updates their password. pull 6661

Security

Important security fixes. security advisory

Enhancement

Update form validation appearance. JENKINS-68373

Bug fix

Fix build status position. JENKINS-67846
Fix websocket reconnection in edge cases. Upgrade from Remoting 4.13 to 3025.vf64a_a_3da_6b_55. pull 6576, JENKINS-68542 , Remoting 3025.vf64a_a_3da_6b_55 changelog

Enhancement

Developer: Optional property can now have inline help. pull 6615

Bug fix

Jenkins 2.353 was not placed in the artifact repository or on the download site.

Bug fix

Jenkins 2.352 was not placed in the artifact repository or on the download site.

Bug fix

Jenkins 2.351 was not placed in the artifact repository or on the download site.

Enhancement

Allow running on Java 17 without --enable-future-java. pull 6602
Use the default system font for Google Chrome. pull 6614
Use the newer Jenkins logo for OpenSearch. pull 6596
Upgrade Java 8 in Debian-based Docker images from 8u322-b06 to 8u332-b09. Docker pull request 1340
Update plugin installation manager tool in AlmaLinux-based Docker image from 2.10.0 to 2.12.6. Docker pull request 1359
Add slim Debian-based JDK 17 Docker image. Docker pull request 1360
Remove unused glibc package from Alpine-based Docker images. Docker pull request 1361
Add Alpine-based JDK 17 Docker image. Docker pull request 1362
Upgrade Alpine-based Docker images from 3.15.4 to 3.16.0. Docker pull request 1363, Docker pull request 1364
Do not add the jenkins user to the lastlog and faillog databases in Docker images. Docker pull request 1373
Remove unnecessary packages from Debian-based Docker images. Docker pull request 1375
Upgrade Debian-based Docker images from bullseye-20220228 to bullseye-20220509. Docker pull request 1358, Docker pull request 1380

Bug fix

Keep the Save and Apply buttons in front of menus (regression in 2.337). JENKINS-68640
Restore the frame color of the build progress bar of the executor widget. pull 6607
Fix websocket reconnection in edge cases. JENKINS-68542
Remove superfluous spacing on job configuration page. pull 6579
Fix class attribute for Jenkins Symbols using <l:icon ... />. JENKINS-68630
Provide supporting infrastructure to enable Pipeline: Groovy to work around a metaspace memory leak (JDK-8231454) for users running Pipeline jobs on Java 11. pull 6597, JENKINS-63766 , JDK-8231454 metaspace leak
Fix a runtime error when viewing the build time trend on Java 17. JENKINS-68215

Enhancement

Remove SSH Plugin from setup wizard plugin selection. JENKINS-68556
Show remote class loader statistics of agents with new table layout. JENKINS-68591
Update bundled Script Security Plugin from 1.75 to v35f6a_0b_8207e Update bundled WMI Windows Agents Plugin from 1.0 to 1.8.1 pull 6582, 2022-05-17 security advisory
Upgrade Spring Security from 5.6.3 to 5.7.1. pull 6578, Spring project spring-security 5.7.0 release notes, pull 6584, Spring project spring-security 5.7.1 release notes
Developer: Bump spring-security-bom from 5.7.0 to 5.7.1. pull 6584, Spring project spring-security 5.7.1 release notes

Bug fix

Job name no longer separates randomly in the table on Firefox. JENKINS-68205

Enhancement

Announce Java 8 end of life for weekly line as June 21 2022 pull 6566
Use native Java Platform functionality rather than Ant to load classes. The old behavior can be restored by setting -Dhudson.ClassicPluginStrategy.useAntClassLoader=true. pull 6571
Upgrade Spring Framework from 5.3.19 to 5.3.20. Spring Framework 5.3.20 includes 14 fixes and improvements. In addition, this releases include fixes for 2 vulnerabilities. pull 6565, Spring Framework 5.3.20 changelog, CVE-2022-22970, CVE-2022-22971
Remove Java Web Start support for launching inbound agents, along with the GUI mode, the platform-specific agent installers, and the JAR signature. pull 6543, Java Web Start
Suppress some uninteresting stack traces related to closed agent channels. pull 6555
Winstone 5.25 - Update Jetty from 9.4.45.v20220203 to 9.4.46.v20220331. pull 6558, JENKINS-68200 , Winstone 5.25 changelog, Jetty 9.4.46 changelog
Remove the ability for plugins to specify a minimum Java version. The minimum Java version of a plugin is always the same as the minimum Java version of the plugin's minimum core version. JENKINS-20679
Allow setting an "id" and style attribute for l:icon in combination with symbols. JENKINS-68381
Developer: New series of colours and new range of semantic colours added. pull 6538, Design Library

Bug fix

Display icons searched without an icon size CSS value (regression in 2.341). JENKINS-68296
Use a space between the icon and the text in the build executor status view instead of an underline. JENKINS-68430

Enhancement

Use new style checkboxes for plugin manager. pull 6527
Add syntax highlighting support to description at the user configuration page. pull 6551
Allow extra CSS classes with <l:icon>. JENKINS-68286

Bug fix

Fix the position of the help button when it is not directly attached to an object (regression in 2.320). JENKINS-68042
Fix indistinguishable build scheduling icon when the job is already in-queue (regression in 2.321). JENKINS-68303
Correct encoding for several localized strings. JENKINS-68537

Enhancement

Search input clear button now respects user's theme. pull 6521

Bug fix

Restore functionality of credentials popup in SSH Build Agents (regression in 2.344). JENKINS-68338
Wait for the computation to finish when triggering a new build while the build graph is being recomputed. This guarantees that recently updated build triggers are executed. JENKINS-67237

Enhancement

Refresh the login and signup page. JENKINS-68293
Remove unnecessary padding around 'Build after other projects are built' radios. pull 6509
Add quick filter box for menus created by buttons. JENKINS-62024
Developer: Upgrade Spring Security from 5.6.2 (released on February 21, 2022) to 5.6.3 (released on April 18, 2022). pull 6489, Spring project spring-security 5.6.3 release notes

Bug fix

Plugin Manager 'Installed' tab filter now resets when clicking search clear button (regression in 2.325). JENKINS-68291
Make bottom border visible in configure page (regression in 2.335). JENKINS-68031

Enhancement

Modernise log recorder pages. JENKINS-68284
Allow setting a user's primary view via configuration as code. JENKINS-61985
Add a dropdown menu to the build trigger if it is instantiated by a user. pull 6276
Upgrade bundled Jackson 2 API plugin from 2.12.0 to 2.13.2.20220328-273.v11d70a_b_a_1a_52. JENKINS-68276 , pull 6480, Jackson 2 API plugin changelogs
Upgrade Spring Framework from 5.3.18 (released on March 31, 2022) to 5.3.19 (released on April 13, 2022). pull 6474, Spring Framework 5.3.19 changelog
Use modern form inputs in Plugin Manager, login form, and setup wizard. pull 6442
Remove warning that recommends use of the Authorize project plugin. JENKINS-24513
Add a "copy to clipboard" button to the script console output. pull 6455
Align shutdown banner with other top banners, align executor starvation icon with other build widget icons, and add a side panel to the plugin uninstallation view. pull 6457
Improve the display of help text for agent launch methods. pull 6464
Remove the html.jelly template in favor of the more feature-rich layout.jelly template. pull 6468

Bug fix

Allow plugins to be disabled even when dependent plugins are disabled (regression in 2.325). JENKINS-68277
Fix dropdown chevrons not separating links and overflowing (regression in 2.340). JENKINS-68129
Fix third party weather icons in the table view (regression in 2.341). JENKINS-68270
Clicking the build progress bar again takes the user to the console output (regression in 2.340). JENKINS-68103
Correct icon resolution for remote icons (regression in 2.335). JENKINS-67849
Allow filtering updates in plugin manager by plugin ID (regression in 2.320). JENKINS-68260
Move plugin manager search bar back to middle (regression in 2.325). JENKINS-67933
Do not print a stack trace when archiveArtifact does not find a file. JENKINS-51913
Hide "No builds" when there is a pending build. JENKINS-67962

Major bug fix

Avoid a deadlock between agent class loading and logging. JENKINS-68122
Run downstream jobs (regression in 2.341). JENKINS-67237

Enhancement

Improve agent availability help. JENKINS-67744
Reject connections from agents with unsupported Remoting versions. JENKINS-50211
Display communication protocol in agent logs. JENKINS-40700

Bug fix

Preserve load statistics data for label expressions. JENKINS-68055
Fix the position of icon and text (regression in 2.335). JENKINS-67846
Stop builds in the order they are provided from the CLI. pull 6456
Hide textarea preview when the field is read only. JENKINS-68188

Enhancement

Change formatting in the "Configure Security" screen. f:dropdownDescriptorSelector now honors help.html for the selected descriptor. pull 5417
Upgrade Spring Framework from 5.3.16 to 5.3.18 (released on March 31, 2022). This release of Spring Framework addresses the security vulnerability CVE-2022-22965. pull 6422, Spring Framework, Spring project spring-framework 5.3.17 release notes, Spring project spring-framework 5.3.18 release notes, CVE-2022-22965, Spring vulnerability CVE-2022-22965 does not affect Jenkins core
Miscellaneous polishing of various components. pull 6411
Show warning dialog if Java 8 is selected in Windows installer. JENKINS-68170 , pull 306 (packaging)

Bug fix

Extend the medium length load statistics to cover 2 days instead of 1. Sometimes the data for the time period was not displayed correctly (regression in 2.204). JENKINS-64299

Enhancement

Developers can now use custom symbols in their plugins (link to Symbols docs) JENKINS-68137
Hide "Delete build '#'" button if "Keep this build forever" is selected. pull 6403
Use new color in trend graph. JENKINS-65928
Add more Korean translations. pull 6394
Add Traditional Chinese translation property files. pull 6386
Make "View build information" pages readonly for users who don't have permission. JENKINS-67967

Bug fix

When triggering a new build while the build graph is currently being re-computed, jenkins waits for the re-computation to finish. This guarantees that recently updated build triggers are executed. JENKINS-67237

Enhancement

Update icons. pull 6307
Run core test suite on Java 17. pull 6364
Vertically align the checkbox with the button in the new item page. JENKINS-68037
Update link and breadcrumb dropdowns. JENKINS-67396

Bug fix

Fix bad encoding of security warnings in French showing special characters. pull 6382
Fail fast when the frontend sends an invalid class name. Upgrade Stapler from 1642.ve454c4518974 to 1666.v0275e61a_9874. pull 6376, pull 322, Stapler 1666.v0275e61a_9874 changelog
Move Polling Log "View as plain text" link to side panel. JENKINS-67713

Enhancement

Winstone 5.24 - Add an option to write the listening port to a file. Remove automatic self signed certificate if TLS is specified but no keystore pull 5928, JENKINS-66379 , Winstone 5.23 changelog, Winstone 5.24 changelog
Make "Unavailable" label in plugin manager theme-able JENKINS-67953
Support Java 17 without --add-opens command-line options. pull 6356
Deprecate PosixException in favor of IOException. pull 6345

Bug fix

Remove unnecessary log spam when starting Jenkins under systemd on Debian 11 (regression in 2.333 and 2.332.1). JENKINS-67995
Prefer --httpPort from JENKINS_ARGS over HTTP_PORT when the two differ. JENKINS-68007 , pull 296 (packaging)
Improve appearance of the changeset box (regression in 2.335). pull 6343
Prevent multiline letters from being cut off on the changeset view tab. pull 6344
Skip corrupted fingerprint files. JENKINS-67602

Enhancement

Use modern icons at the workspace view. pull 6229
Add Brazilian Portuguese translation property files. pull 6319
Remove the Java Native Runtime (JNR) library from Jenkins core. pull 6323, Java Native Runtime project
Developer: Add a --debug option to the translation tool to help in troubleshooting. Improve the readability of the translation tool command-line interface (CLI). pull 6317
Developer: Upgrade the Guava library from 31.0.1 (released September 27, 2021) to 31.1 (released February 28, 2022). pull 6322, Guava 31.1 changelog

Bug fix

Stop overemphasizing console logs (regression in 2.335). pull 6342
Support focus state on checkboxes (regression in 2.335). JENKINS-67965
Place icons at the same height as their associated text (regression in 2.335). JENKINS-67858
Replace the "unavailable ionicon" icon by a smaller "x". pull 6291
Show only one console box when viewing the build log (regression in 2.335 and 2.226). pull 6338
Allow agent reconnects on Java 11 and websocket. Prevent infinite loop in case of a closed SSL connection. Upgrade from Remoting 4.12 to 4.13. pull 6329, JENKINS-66446 , JENKINS-67928 , Remoting 4.13 changelog
Ensure inbound agent restart logic is applied. JENKINS-66446
Display log entries with missing logger names in the log viewer. pull 6310
Honor MSI installer parameter values for PORT and INSTALLDIR. pull 287 (packaging)

Enhancement

Remove the 'cloud configuration has moved to a separate configuration page' notice. pull 6298
Update the appearance of the button bar at the bottom of forms. pull 6295
Developer: Upgrade Spring Security from 5.6.1 (released on December 20, 2021) to 5.6.2 (released on February 21, 2022). pull 6297, Spring project spring-security 5.6.2 release notes

Bug fix

Persist changes made to boolean radio controls (regression in 2.336). pull 6311
Update bundled Display URL API plugin to prevent issues starting the mailer plugin for offline installations. JENKINS-67885
Keep colors when interacting with ionicons as link icon. pull 6296

Bug fix

Restore missing computer icon in the "System Information" view of an agent (regression in 2.335). pull 6289
Place text correctly on boolean radio controls (regression in 2.335). JENKINS-67847
Don't add leading slash to foreign icons (regression in 2.335). JENKINS-67823
Don't show build status on jobs that are not yet built (regression in 2.321). JENKINS-67797
Use icon of the correct size in list of agents with a specific label (regression in 2.335). JENKINS-67837
Don't prepend icon when it's already there. Resolves missing icons in some cases (regression in 2.335). JENKINS-67828
Restore missing help icon (regression in 2.335). pull 6280

Major enhancement

Modernise form components. pull 5923

Enhancement

Switch Linux installers from System V init to systemd. JENKINS-41218
Winstone 5.22 - Update Jetty from 9.4.43.v20210629 to 9.4.45.v20220203. Append to log file rather than truncating it (Winstone PR-200). Write log file and access logs in UTF-8 encoding rather than default encoding (Winstone PR-200). pull 6262, JENKINS-66379 , Winstone 5.22 changelog, Jetty 9.4.45 changelog, Winstone PR-200
Update "Manage Jenkins" icons and controls. The plugins icon now shows how many updates are available. pull 6273
Replace the computer-flash GIF icon with the hourglass icon. JENKINS-67742
Remove support for RoleChecker#check(RoleSensitive) calls which were added again in Jenkins 2.319. All remoting Callable implementations need to perform an actual role check as documented. pull 5901, Remoting callables documentation
Several icons across Jenkins have been updated - the build icon, the delete icon, the settings icon, the about icon and the plugin icon. pull 6186
Use modern table design for "Recorded Fingerprints" and "Legacy API Tokens" tables. pull 6247
Minor form and spacing changes. pull 6259
Update table styling and spacing with small table UI tweaks. pull 6248
Startup completion notification is available with systemd(1). pull 6228
Update the Korean internationalization for build icon descriptions. pull 6241
Extend startup notification timeout as each initialization milestone is attained. pull 6237

Bug fix

Update remoting from 4.11.2 to 4.12 to allow Java web start agents to connect (regression in 2.318). pull 5983, JENKINS-67000 , Remoting 4.12 changelog
Overwrite grey balls icon with the modern "not built" status. JENKINS-67753
Link the log recorder configure button to the associated log recorder (regression in 2.322). pull 6245
Render the question mark on the new help button only once so that it is not shown twice, even while using different themes. pull 6233
Truncate long build names again (regression in 2.332). JENKINS-67689
Return zero from RPM init script on successful stop. JENKINS-31656
Do not print Java version message from Debian installer when correct Java version is detected. JENKINS-55696
Restart systemd service when the controller exits unexpectedly. JENKINS-56219
Restart the Jenkins service after plugin updates on Debian 11 (bullseye). JENKINS-65809
Do not fail startup with timeout on systems with slow DNS resolution. Rely on the Jenkins process to check for port availability rather than using a separate shell function. JENKINS-67404
Correctly report startup result on Amazon Linux 2 installed with the rpm package. JENKINS-67487

Security

Security fix. security advisory

Bug fix

Allow Debian package to start when JAVA_ARGS contains spaces. JENKINS-67724 , pull 278 (packaging)

Enhancement

Startup completion notification is available with systemd(1). pull 6228
Update the bundled Mailer Plugin from 1.32.1 to 408.vd726a_1130320. pull 6180, JENKINS-67674 , 2022-01-12 security advisory
Update the bundled Matrix Project Plugin from 1.18 to 1.20. pull 6180, JENKINS-67674 , 2022-01-12 security advisory
Remove images from core that have been replaced by SVG images. pull 5778
Update site warnings can now be configured with Configuration as Code. JENKINS-56057
Remove support for plugins written in Ruby. Deprecating non-Java plugins blog post
Upgrade the XStream library from 1.4.18 to 1.4.19. Addresses the CVE-2021-43859 security vulnerability when unmarshalling highly recursive collections or maps causing a Denial of Service. pull 6231, XStream 1.4.19 changelog, XStream CVE-2021-43859

Bug fix

Launch only one agent to satisfy cloud agent requests that use label expressions. JENKINS-67635
Run cleanup before terminating the controller process due to a Unix TERM signal. pull 6230
Correctly render expandable text boxes into multiple lines (regression in 2.197 and 2.176.4). JENKINS-67627
Keep the same height when dragging and dropping a component (regression in 2.277). JENKINS-67496
Show correct feature name in tooltips of help links (regression in 2.179). JENKINS-67662
Support group names with spaces in the deb package. JENKINS-56911 , pull 268 (packaging)
Remove requirement for daemon in deb packages. pull 261 (packaging)
Remove requirement for daemonize in RPM packages. pull 248 (packaging)

Bug fix

Restore the location of the build progress bar (regression in 2.321). pull 6199

Bug fix

Increase width of job configuration form on wide screens. JENKINS-67198

Enhancement

Unify labels in plugin manager. Remove deprecated terminology labels from the Plugin Manager. pull 6151
The JavaMail and JavaBeans Activation Framework (JAF) libraries have been detached from Jenkins core into dedicated plugins. pull 6165, JavaMail, JavaBeans Activation Framework (JAF)

Security

Security fix. security advisory

Bug fix

Fix ClassNotFoundException: io.jenkins.cli.shaded.org.w3c.dom.Node when using JAXB. JENKINS-67470
Fix vertical icon alignment for build status in medium (M) and small (S) icon sizes. JENKINS-67515

Enhancement

Developer: The javax.annotation.Generated, javax.annotation.ManagedBean, javax.annotation.PostConstruct, javax.annotation.PreDestroy, javax.annotation.Priority, javax.annotation.Resource, javax.annotation.Resources, javax.annotation.security.DeclareRoles, javax.annotation.security.DenyAll, javax.annotation.security.PermitAll, javax.annotation.security.RolesAllowed, javax.annotation.security.RunAs, javax.annotation.sql.DataSourceDefinition, and javax.annotation.sql.DataSourceDefinitions annotations have been deprecated in favor of the equivalent classes in the jakarta.annotation package. Plugin developers should migrate to the Jakarta Annotations version of each of the above annotations. pull 6161

Enhancement

Use SVG icons for agent context menu and executor status. pull 6146
Modernise the "About Jenkins" page. Update the table and tab design to use normal cased text. pull 6055

Bug fix

Ensure that loggers exist before setting their log levels. In rare cases, setting the log level of a logger may have had no effect. pull 6143

Enhancement

JRuby support has been removed from the Stapler web framework used in Jenkins core. A small number of JRuby-based plugins are affected; see the blog post for migration notes. pull 6103, JEP-7: Deprecation of Ruby and Python plugin runtimes, Deprecating non-Java plugins (blog post), Stapler repository, JRuby project
Remove support for setting the Jenkins home directory via Java Naming and Directory Interface (JNDI). pull 6111
Improve visualization of the Environment Variables page. pull 6096
Ensure that links from inline help (shown after clicking "?" icons) always open in new windows. pull 6095
Include plugin short names in some error messages. pull 6077
Developer: Bump spring-security-bom from 5.6.0 to 5.6.1. pull 6089, Spring project spring-security 5.6.1 release notes

Major enhancement

The agent-to-controller security subsystem is now always enabled. The admin-customizable allowlists for callables and file paths have been removed. The ability to access some files on the controller from agents has been removed. Some plugins are incompatible with this change and may need to be updated. pull 5885, JENKINS-67173 , the issue tracker

Enhancement

Add missing SVG for parameterized job icon. pull 5905
Add "Report an issue" link to plugins in the plugin manager. JENKINS-65113
Upgrade Groovy from 2.4.12 to 2.4.21. pull 5939, Groovy 2.4.13 changelog, Groovy 2.4.14 changelog, Groovy 2.4.15 changelog, Groovy 2.4.16 changelog, Groovy 2.4.17 changelog, Groovy 2.4.18 changelog, Groovy 2.4.19 changelog, Groovy 2.4.20 changelog, Groovy 2.4.21 changelog, Groovy language site
Developer: Stapler now returns an informative error message when a request is made for an invalid adjunct. pull 6066
Developer: Deprecate SlaveToMasterFileCallable. JENKINS-67173

Major bug fix

- Restore support for symbolic links in the Jenkins home directory (regression in 2.325). JENKINS-67372

Enhancement

Modernise the appearance of the plugin manager. pull 5916
More reliably estimate plugin download progress. pull 6038
Developer: Add FilePath#validateAntFileMask(String, boolean) overload for convenience. pull 6033
Developer: The option -Dhudson.ClassicPluginStrategy.useAntClassLoader=false allows experiments with plugin-first class loading alternatives. pull 5970

Bug fix

Newly created items are again automatically made accessible to their creators to fix a regression in the matrix-auth plugin (regression in 2.324). JENKINS-21224
- Fix a resource leak when shutting down Jenkins. pull 6034
- Fix a resource leak when a plugin fails to load. pull 6030
Filtering now hides unavailable updates on "Updates" tab in Plugin Manager. JENKINS-65084
An agent-to-controller security measure failed to persist configuration. pull 5888
Custom log records with large record parameters no longer interfere with garbage collection. pull 6018

Enhancement

Improve logging for termination of cloud agents. pull 6010
Developer: Plugins now have their Guice dependencies aligned with core. pull 6014
Introduced Listeners.notify utility method to encourage safe listener notification. JENKINS-21224
Developer: Disable form element path in unit tests by default. pull 6004
Deprecate FingerprintStorage.getFileFingerprintStorage. Developers should use FingerprintStorage Extension API instead. pull 5423, FingerprintStorage.getFileFingerprintStorage javadoc, FingerprintStorage Extension API

Bug fix

Fix appearance of table tooltips. JENKINS-67154

Enhancement

Add configuration-as-code support for managing log recorders. JENKINS-61278
Add path to form elements giving stable selectors for UI testing. pull 5926
Developer: New extension point Header as an interface that provides capabilities to render a specific header and a default implementation of that, named JenkinsHeader that is enabled by default. pull 5909, JEP-234: Customizable Jenkins header

Bug fix

Update remoting from 4.11.1 to 4.11.2 to fix code signing. pull 5983, JENKINS-67227 , Remoting 4.11.2 changelog
Improve performance by lazy loading build records from the run list. pull 5942
"View as plain text" shows correctly in polling log page. JENKINS-67193

Enhancement

Issue a warning to the system log when using agent-to-controller file manipulation idioms considered for deprecation, and collect telemetry about this as well. pull 5890
Add descriptions of built-in administrative alerts to the global configuration alert selection page. pull 5937
Modernise System Info and Log Recorder pages. pull 5925
Developer: Register UberClassLoader as parallel-capable. pull 5931

Bug fix

Jenkins startup could hang due to a deadlock in class loading. JENKINS-67188
Display full user name, rather than id, in securityRealm page when using the built-in security realm (regression since 2.243). pull 5925
Display the "Configure System" icon in the drop down menu. JENKINS-67033

Enhancement

Modernise the table design and add support for Ionicons. pull 5851
Remove superfluous user interface elements, including images, mask-icon, and unnecessary resize handles. pull 5777
Only apply trimLabels operation to affected nodes when adding or removing them. JENKINS-67099
Developer: Upgrade the Guice library from 4.0 (released April 28, 2015) to 5.0.1 (released March 2, 2021). pull 5858, Guice library, Guice 5.0.1 release notes
Developer: Bump spring-security-bom from 5.5.3 to 5.6.0. pull 5921, Spring project spring-security 5.6.0-RC1 release notes, Spring project spring-security 5.6.0 release notes

Bug fix

Maven tool configuration works again (regression in 2.320). JENKINS-67109
Show ongoing first build in build history (regression in 2.314). JENKINS-66969
Fix filtering in update tab of plugin manager (regression in 2.320). pull 5908
Permit additional safe types in agent to controller access control (regression in 2.320). JENKINS-67105

Major enhancement

Upgrade the Guava library from 11.0.1 (released on January 9, 2012) to 31.0.1 (released on September 27, 2021). Plugins have already been prepared to support the new version of Guava; use the Plugin Manager to upgrade all plugins before and after upgrading Jenkins. pull 5707, JENKINS-36779 , JEP-233, Guava web site, Guava 31.0.1 changelog

Enhancement

Modernise the 'New view' and 'New node' pages. pull 5842
Improve artifact list readability in dark theme. pull 5889
Use CSS animation for console progress. pull 5871
Allow plugin upload by URL in addition to file name. JENKINS-4814
Update bundled version of Bouncy Castle API plugin from 2.20 to 2.25. pull 5898, Bouncy Castle release notes
Developer: Provide a stable version of ObjectWebASM (currently 9.1) on the classpath. pull 5524, ObjectWebASM web site
Developer: Use the upstream version of AntClassLoader without custom patches. pull 5856

Bug fix

Prevent LinkageError during class loading (regression in 2.309). JENKINS-66993
Do not attempt to canonicalize tar entries when untaring, as the result may be unexpected for symlinks. JENKINS-67063
Fix form submission for file access rules of agent to controller security subsystem (regression in 2.111). pull 5881, JENKINS-67061 , Upgrade guide - Agent to controller path filter security fixes
Avoid false positives in plugin search (installed tab). pull 5870
Fix missing hyperlink in build history (regression in 2.314). JENKINS-67028
Add space between icon and project name (or build number) in all links to builds. pull 5887
Add space between icon and project name in upstream & downstream section of project page. JENKINS-66749
Replace outdated URLs with working redirects. JENKINS-67032
An exception thrown by a RestartListener no longer leaves Jenkins in a zombie-like state. JENKINS-67002
Display the time zone of the user when an administrator updates a user account. JENKINS-66845

Security

Important security fixes. security advisory

Major enhancement

Security hardening: Require role check for remoting callables. LTS upgrade guide, developer documentation

Enhancement

Always allow configuring agent-to-controller security subsystem.

Enhancement

Add XStream2 constructor matching super. JENKINS-66955
Remove deprecated, unsafe classes previously copied from Apache Ant. Docker Slaves plugin is incompatible with this change. JENKINS-66930
ExecutorListener may now be implemented as a static extension. JENKINS-66947
Update tooltips to be consistent across Jenkins. pull 5763

Enhancement

Screen Resolution cookie now has the secure flag set when Jenkins is running on HTTPS. JENKINS-49675
Deprecate the -cp option in the remoting agent.jar command line. Upgrade from Remoting 4.10 to Remoting 4.11. pull 5821, JENKINS-64831 , Remoting 4.11 changelog

Bug fix

Display ongoing build in build history (regression in 2.314). JENKINS-66753
Fix agent handshake when connecting over Websocket on Java 11. Upgrade from Remoting 4.10 to Remoting 4.11. pull 5821, JENKINS-61212 , Remoting 4.11 changelog
Reduce the amount of disk writes to logs/tasks/*.log when nothing interesting is happening. JENKINS-66854

Enhancement

Update the French translation in the legend. JENKINS-66681
Display full plugin name and link when a plugin fails to load. JENKINS-66776
Improve error reporting for certain kinds of bugs in computer listeners. pull 5755
Update bundled versions of Pipeline: API, Pipeline: Step API, SCM API, and Structs plugins. pull 5773, Pipeline: API plugin, Pipeline: Step API plugin, SCM API plugin, Structs plugin

Bug fix

Developer: Fix XStream2 support of unmarshalling implicit collections. pull 5757

Security

Security fixes. security advisory

Enhancement

Security hardening: The "short description" of build causes is now defined as plain text instead of HTML. related LTS upgrade guide entry, related developer documentation

Enhancement

Modernise the "Build History" search bar pull 5692
Show new status icons in build history JENKINS-66659
Modernise the "Manage Jenkins" screen pull 5693

Enhancement

Allow a plugin to dynamically insert a JAR file into its classpath. JENKINS-66563
Remove the --daemon argument from Jenkins command line arguments. Replace Akuma library from Jenkins core with simpler implementations using ProcessTree capabilities pull 5561

Bug fix

Allow Jenkins to start when the JCasC configuration defines view-related permissions (regression in 2.302). JENKINS-66470
Correction of Label expression including a "implies" relationship without spaces around. JENKINS-66613
WebSocket connections now work when the Jenkins controller is running Java 11 and using self-terminated TLS. JENKINS-61212

Enhancement

Update executable war from 1.45 to 2.0 pull 5706

Bug fix

Replace the old icons with the new SVG icons in the job trend page. JENKINS-65928

Bug fix

Fix wrong parameter type for Text Parameter when triggering a build via the buildWithParameters API call. pull 5704
The checkbox labeled "Enable Agent → Controller Access Control" in the form "Configure Global Security" would always start out as disabled. Submitting the form without checking it would then cause a configuration change (regression in 2.307). pull 5694

Enhancement

Graphs now scale correctly on high resolution screens. pull 5697
Load classes from plugins in parallel for faster startup on multicore machines. JENKINS-23784
Internal: Experimental support for URLClassLoader can be enabled by setting hudson.ClassicPluginStrategy.useAntClassLoader=false. pull 5698

Bug fix

Jenkins 2.310 was not placed in the artifact repository or on the download site.

Bug fix

Fix missing settings/cog icon in Plugin Manager. Fix incorrect folder icon showing in projects (regression in 2.307). pull 5690

Enhancement

Add ABORTED threshold to ReverseBuildTrigger. pull 5542
Developer: Bump Java Native Access (jna) from 5.8.0 to 5.9.0. pull 5682, JNA 5.9.0 changelog
Internal: AntClassLoader (and its subclass PluginFirstClassLoader) and MaskingClassLoader register themselves as parallel-capable. pull 5687
Upgrade from xstream 1.4.17 to 1.4.18. pull 5685, JENKINS-66507 , XStream 1.4.18

Enhancement

Use SVGs over PNGs for the sidebar when possible. Breadcrumb bar/logo/menu items are now correctly aligned on the left together. Move old war/images folder to webapp so they can be used in frontend - the SVGs are now in the webapp/images/svgs folder. pull 5663
Update appearance for feed bar and description button to be modern and consistent. pull 5664
When the buildWithParameter API is called, if the requests with the same parameters in the queue are merged, the http response code of the request uses a more appropriate 303(see other) instead of 201(created). JENKINS-66105
Warn about use of master in a label expression when that's no longer in use. pull 5674
Developer: Bump spring-security-bom from 5.5.1 to 5.5.2. pull 5672, Spring project spring-security 5.5.2 release notes

Bug fix

Use full URL character encoding for the generated inbound agent launch string. pull 5636
Use the JVM's default keystore type for the Jenkins server when terminating TLS connections within Jenkins. Used if Jenkins is started with the --httpsPort argument. Winstone 5.21: Update Jetty from 9.4.42.v20210604 to Jetty 9.4.43.v20210629. pull 5670, JENKINS-66379 , Winstone 5.20 changelog, Winstone 5.21 changelog, Jetty 9.4.43 changelog

The default Docker images for Jenkins 2.307 ('2.307', 'latest', 'alpine', 'slim', ...) use Java 11 unless specifically tagged with the jdk8 string. See the Docker images use Java 11 by default blog post for more details.

Major enhancement

Replace the term "master" with "controller" (for the main Jenkins application) or "built-in node" in user interface strings and documentation as appropriate. pull 5425
Add migration code to change the node name (e.g. NODE_NAME environment variable) and label of the built-in node only after explicit migration by an administrator. New installations get the new node and label immediately. If a job definition, Pipeline definition, or tool installer reference must be tied to the built-in node, it should use the label "built-in". Built-In Node Name and Label Migration
Add the system property jenkins.model.Jenkins.nodeNameAndSelfLabelOverride to specify a different node name and label for the built-in node (e.g. for Configuration as Code use cases) than the one otherwise determined. This will not affect other uses of the node name, such as the URL to the built-in node (now /computer/(built-in)/). pull 5425

Bug fix

GDSL file in jenkins-core library no longer reports an IllegalStateException when used in IntelliJ IDEA. pull 5662

Enhancement

Improve layout of console output header. pull 5507
Use the SVG version of the Jenkins text logo instead of the PNG. pull 5660
Developer: Jenkins now uses an updated version of the AntClassLoader class with fewer custom patches. pull 5656
Removed: The Woodstox implementation of the StAX API has been removed from Jenkins core. Users of the Azure Artifact Manager, Azure Container Agents, Azure Storage, and Azure SDK API plugins must upgrade those plugins to the latest versions in lockstep with this core upgrade. Plugins that consume Woodstox should depend on it directly or via the Jackson 2 API plugin. pull 5651, Woodstox implementation, StAX API, Azure Artifact Manager plugin, Azure Container Agents plugin, Azure Storage plugin, Azure SDK API plugin, Jackson 2 API plugin

Bug fix

Provide working "Help About" links for Jenkins CLI, Jenkins core, and Jenkins war. JENKINS-64666

Enhancement

Developer: AntClassloader will now ignore files that are part of the classpath but not zip files when scanning for resources. It used to throw an exception. pull 5650

Bug fix

Show tooltips when users hover on the SVG icons. JENKINS-65923

Enhancement

Ability to disable Java 11 administrative monitor with a system property. JENKINS-66177
Developer: Make AntClassLoader multi-release JAR aware when it deals with java.util.jar.JarFile. pull 5635

Bug fix

Fix an issue unzipping archives in a corner case when entries have the same path prefix as the target location. JENKINS-66094

Enhancement

Avoid polluting the log when usage statistics can not be sent. JENKINS-66139
Bump matrix-auth from 2.6.7 to 2.6.8. pull 5630
Bump bundled Ant from 1.10.10 to 1.10.11. pull 5620
Remove support for native JNR (Java Native Runtime) chmod(2) and stat(2) implementations as opposed to NIO (Java non-blocking I/O) via the hudson.Util.useNativeChmodAndMode system property. This system property no longer has any effect. pull 5606
Developer: Allow consumers of XmlFile to disable fsync(2). pull 5599
Internal: Terminology cleanup to fix build time trend's distributed builds. Only show the agent column when the controller has agents defined. pull 5625

Enhancement

Bump commons-compress from 1.20 to 1.21. pull 5624
Bump spring-security-bom from 5.5.0 to 5.5.1. pull 5598, Spring project spring-security 5.5.1 release notes

Enhancement

Optimize access control checks affecting (at least) Pipeline node steps. pull 5586
Developer: The hudson.util.SubClassGenerator and experimental hudson.model.TreeView class have been removed without replacement. pull 5566, pull 5603
Internal: Upgrade from Remoting 4.9 to Remoting 4.10 with bugfixes and dependency updates. pull 5607, Remoting 4.10 changelog

Major bug fix

Fix a regression in 2.298 where some plugins (including Azure Storage) could not correctly parse streaming XML output. pull 5604

Enhancement

The Jenkins process management functionality now supports FreeBSD. pull 5563
Bump jenkins from 1.64 to 1.65. pull 5594
Winstone 5.19: Update Jetty from 9.4.41.v20210516 to Jetty 9.4.42.v20210604. pull 5589, Winstone 5.19 changelog, Jetty 9.4.42 changelog

Security

Important security fixes. security advisory

Enhancement

Update stapler from 1539.v2f05ce93882d to 1563.v3da2d02f9572. pull 5549, Stapler 1539.v2f05ce93882d changelog, Stapler 1563.v3da2d02f9572 changelog
Developer: InterceptingExecutorService and its subclasses no longer extend com.google.common.util.concurrent.ForwardingExecutorService or com.google.common.collect.ForwardingObject. pull 5565
Remove jna-posix dependency from Jenkins core. Plugins that use jna-posix functionality must be migrated from jna-posix to jnr-posix. pull 5560, Maven Repository Scheduled Cleanup plugin, SICCI for Xcode plugin, java.io.tmpdir cleaner plugin

Enhancement

Document REST methods to mark an (agent) node temporarily offline and related tasks. pull 5556
Add X-Frame-Options header to AJAX responses. pull 5555

Major enhancement

Remove Apache Commons Digester library and related code from the Jenkins core. pull 5320, JENKINS-65161 , announcement and upgrade guidelines

Bug fix

Fix incorrect process termination issues when running on macOS. JENKINS-65195
Add check to prevent out of bounds memory access error on macOS. JENKINS-64347
A race condition in class loading could result in a LinkageError. JENKINS-65766
Do not change fonts when artifacts are as shown as a tree. JENKINS-65751

Enhancement

Bump sshd-core from 2.5.1 to 2.7.0 in Jenkins CLI. pull 5547

Major bug fix

Fix regressions in forms submissions from unwanted form validation in any browser (regression in 2.289). JENKINS-65585

Enhancement

Recommend running on Java 11. JENKINS-65577
Change the word 'number' to 'integer' in the error message of the number field. pull 5538
Show implied plugin dependencies or a count of dependencies for plugins split from core. pull 5472
Bump spring-security-bom from 5.4.6 to 5.5.0. pull 5505, Spring project spring-security 5.5.0 release notes
Winstone 5.18: Update Jetty from 9.4.40.v20210413 to 9.4.41.v20210516 for bug fixes and enhancements. pull 5540, Winstone 5.18 changelog, Jetty 9.4.41 changelog
Developer: View is now a DescriptorByNameOwner allowing its use as AncestorInPath. pull 5533
Remove the Bytecode Compatibility Transformer library and related code from Jenkins core. Developer: Plugins that rely on the hudson.model.Queue$Item#id or hudson.model.AbstractProject#triggers fields must be updated to call the corresponding getters. pull 5526, Vertx plugin, Slave Prerequisites plugin
Developer: Remove JTidy dependency from Jenkins core. Plugins that use JTidy functionality must be updated to explicitly declare a dependency on JTidy rather than relying on Jenkins core to provide this library. pull 5521, NIS notification lamp plugin
Internal: Remove partial (~6% complete) Arabic and Portuguese translations pull 5518
Internal: Upgrade from Remoting 4.8 to Remoting 4.9 with bugfixes and dependency updates. pull 5539, Remoting 4.9 changelog

Bug fix

A specific and rarely encountered internal error now again correctly shows details about the cause (regression in 2.292). pull 5537
Improve contrast for the checkbox in the login page. pull 5536
Jenkins redirects users to the previous page after login even if they were able to view it while not logged in (regression in 2.266). JENKINS-64991

No notable changes in this release.

Major bug fix

Fix SSH command line interface (CLI) authentication (regression in 2.284). JENKINS-65273
Fix NoSuchMethodError when using plugins that rely on bridge methods for compatibility (regression in 2.278). JENKINS-65605

Enhancement

Remove the requirement for locking the queue when adding a new node. pull 5450
Explain that some plugin updates can be unavailable even on the latest version of a given release line (i.e. LTS). pull 5462
Update French terminology for controller. JENKINS-65398
Upgrade from xstream 1.4.16 to 1.4.17. pull 5498, JENKINS-65657 , XStream 1.4.17
Internal: Upgrade from Remoting 4.7 to Remoting 4.8 with bugfixes and dependency updates. pull 5478, JENKINS-40700 , Remoting 4.8 changelog

Major bug fix

Allow builds to complete when using fingerprints to track items associated with the build. Fix a regression where fingerprint facets were not removable (regression in 2.292). JENKINS-65611

Enhancement

Update Stapler from 1.263 to 1532.vfcf95addcb5f to improve performance when encoding unicode characters in JSON API. pull 5422, Stapler 1527.ve41b3ce15c05 changelog, Stapler 1532.vfcf95addcb5f changelog
Display Pipeline builds among user build history and remove incorrect warning about view build history. JENKINS-59412
Stop bundling the External Monitor Job Type, LDAP, and PAM Authentication plugins. Jenkins will no longer automatically install the External Monitor Job Type, LDAP, or PAM Authentication plugins on startup if a plugin depending on Jenkins 1.467 or earlier is discovered. If you use such a plugin that also relies on the functionality provided by the External Monitor Job Type, LDAP, or PAM Authentication plugin and manage plugins outside Jenkins' plugin manager, you will now need to ensure that a recent release of the External Monitor Job Type, LDAP, or PAM Authentication plugin is installed. Jenkins will attempt to load such plugins but may fail at any time during startup or afterwards with ClassNotFoundException or similar. pull 5445, External Monitor Job Type plugin, LDAP plugin, PAM Authentication plugin
Internal: Update Stapler from 1.263 to 1532.vfcf95addcb5f to remove Guava dependency. pull 5422, Stapler 1527.ve41b3ce15c05 changelog, Stapler 1532.vfcf95addcb5f changelog

Bug fix

Improve build status progress animation. JENKINS-65574

Enhancement

Remove JEP-200 compatibility workarounds for releases published before February 2018 of the following plugins: Maven Integration, Job DSL, Monitoring, Git Client, Pipeline: Supporting APIs, OWASP Dependency-Check. pull 5454, Plugin versions with a fix, JEP-200
Stop sending HTTP response headers related to the remoting-based CLI (removed in 2.165). pull 5452

Bug fix

Improve performance for standard input of the Jenkins CLI, for example with the install-plugin command. JENKINS-64294
Wrap the build name in the build results list if it is too long. JENKINS-65190

Enhancement

Winstone 5.17: Update Jetty from 9.4.39.v20210325 to 9.4.40.v20210413 for bug fixes and enhancements. pull 5437, Winstone 5.17 changelog, Jetty 9.4.40 changelog

Bug fix

Fix an issue archiving files greater than 4 GiB in size when creating ZIP64 archives. JENKINS-52356

Major bug fix

Ensure that file parameters correctly overwrite previous files (regression in 2.278). JENKINS-65327

Bug fix

Stop using deprecated untrusted submit events on modern browsers for compatibility with future Firefox releases. JENKINS-53462

Enhancement

Improve UI of slow trigger administrative monitor. pull 5424
Improve performance when creating or deleting nodes by reducing queue-lock contention. JENKINS-65308
Bump spring-security-bom from 5.4.5 to 5.4.6. pull 5413, Spring project spring-security 5.4.6 release notes
Update Japanese translations for login screen. pull 5410

Enhancement

Reduce task queue lock contention when creating or deleting nodes. JENKINS-65308
Simplify icon for unstable builds (use an exclamation mark). pull 5392
Add Turkish translations for new login form. pull 5387
Developer: Remove unnecessary bundled handlebars asset. There is no expected impact on plugins depending on handlebars. pull 5385
Developer: Restore support for Jelly debugging with stapler.jelly.trace. JENKINS-65288
Internal: Update Stapler from 1.262.1 to 1.263 to use latest Apache commons-beanutils. Update Apache commons-beanutils from 1.9.3 to 1.9.4. pull 5324, Stapler 1.263 release notes, Apache commons beanutils 1.9.4 release notes

Bug fix

Fix load statistics graph links to include correct graph duration (regression in 2.264). JENKINS-65336
Honor the current folder when creating new views with the "New View" link. JENKINS-56934

Security

Security fixes. security advisory

Enhancement

Security hardening against some CSRF attacks. related LTS upgrade guide entry

Security

Important security fix. 2021-04-20 security advisory

Major bug fix

Fix disabled dropdown items to appear disabled (regression in 2.264). JENKINS-65021

Enhancement

Improve support for update site-defined setup wizard suggestions. JENKINS-65172
Add a "CI" environment variable, always set to "true" as in most other CI solutions. Note that the presence of this variable may change behavior of some of the tools used in your pipelines. JENKINS-36707
Support 'min' and 'max' values in field definitions of forms. JENKINS-63855
Add administrative monitors recommending no executors are configured on the controller. pull 5337
Add a Jenkins User-Agent header to outgoing HTTP requests by default. Use jenkins.UserAgentURLConnectionDecorator.disabled to disable it if needed. pull 5368
Winstone 5.16: Update Jetty from 9.4.38.v20210224 to 9.4.39.v20210325 for bug fixes and enhancements. 2021-04-20 security advisory, pull 5380, Winstone 5.16 changelog, Jetty 9.4.39.v20210325 changelog
Bump jna from 5.7.0 to 5.8.0. pull 5381, JNA 5.8.0 changelog

Enhancement

Switch to sending POST requests by default for form validation URLs. pull 4623
Bump matrix-auth from 2.6.5 to 2.6.6. pull 5366, Security Advisory 2021-03-18
Upgrade from xstream 1.4.15 to 1.4.16. pull 5360, XStream 1.4.16
Upgrade bouncycastle-api plugin from 2.16.0 to 2.20. Upgrade Bouncy Castle library to 1.64. pull 5347, bouncycastle-api 2.20 changelog, bouncycastle-api 2.18 changelog, bouncycastle-api 2.17 changelog, bouncycastle-api 2.16.3 changelog, bouncycastle-api 2.16.2 changelog, bouncycastle-api 2.16.1 changelog, Bouncy Castle library 1.64 release notes

Bug fix

Fix NoClassDefFoundError exception while executing ProcessTree.get(). JENKINS-62006
Sort available plugins by name when popularity is equal. pull 5359

Major bug fix

Gear, clipboard, and user icons are transparent again (regression in 2.283). pull 5354

Enhancement

Stop bundling the Ant and Javadoc plugins. Jenkins will no longer automatically install the Ant and Javadoc plugins on startup if a plugin depending on Jenkins 1.430 or earlier is discovered. If you use such a plugin that also relies on the functionality provided by the Ant or Javadoc plugin (e.g., the RAD Builder and manage plugins outside the Jenkins plugin manager, you will now need to ensure that a recent release of the Ant or Javadoc plugin is installed. Jenkins will attempt to load such plugins but may fail at any time during startup or afterwards with ClassNotFoundException or similar. pull 5338, Ant plugin, Javadoc plugin, RAD Builder plugin
Update Jenkins CLI to SSHD Core from 1.7.0 to 2.6.0. pull 5206
Add Japanese translations for Dashboard, Views, Rename. pull 5350

Major bug fix

Fix help buttons in the draggable section (regression in 2.264). JENKINS-64972

Major enhancement

Add modern icons: build status and weather. pull 5065
Developer: Add support for plugins to use external SVG sprites in their icons. pull 5065, Example external SVG sprite implementation in GitHub Branch Source plugin

Bug fix

Accept negative numbers in number input controls (regression in 2.274). pull 5341
Prevent Jenkins queue deadlock when cancelling tasks under certain conditions. JENKINS-64931
Do not render full error responses in case of internal errors when validating fields in configuration forms. JENKINS-65017
Lower verbosity of a Queue.save() error message. pull 5326

Enhancement

Add indicator for security-related entries in the global administrative monitors configuration. pull 5078
Add Japanese translations for New Job screen. pull 5334

Major bug fix

Update Eclipse Jetty from 9.4.35.v20201120 to 9.4.38.v20210224 for bug fixes and enhancements. pull 5317, Jetty 9.4.38 changelog, Jetty 9.4.37 changelog, Jetty 9.4.36 changelog

Major enhancement

SSHD module is no longer bundled in Jenkins core. Provide SSHD as a plugin. JENKINS-55582 , JENKINS-64107 , pull 5049, SSHD module repository

Enhancement

Do not force plugin upgrades of recently detached plugins. pull 5311
Upgrade from Remoting 4.6 to Remoting 4.7 with bugfixes and dependency updates. pull 5292, Remoting 4.7 changelog
Remove the hardcoded JKS key store so that other key stores can be used, like BCFKS from the FIPS version of Bouncy Castle. pull 5266

Bug fix

Improve reconnection behavior for inbound TCP agents. JENKINS-64510
Internal: Ensure that Jenkins#setViews() updates the configuration only when all views are successfully set. pull 5301

Enhancement

Improve button focus states. pull 5291
Remove some workarounds for IE < 11. pull 5280
Developer: Relax ParameterDefinition and subclass constructor signatures to allow optional attributes like description to be defined in setters. pull 5275

Major bug fix

Developer: Revert symbol-annotation bump (regression in 2.280). pull 5293

Security

Important security fix. security advisory

Major bug fix

Fix plugin search over multiple update sites (regression in 2.270). JENKINS-64840

Bug fix

Show available plugin updates by reloading update center data on upgrade/downgrade. JENKINS-41727

Enhancement

Update JNA from 5.6.0 to 5.7.0. pull 5273, JNA 5.7.0 changelog
Provide new translations for Polish language. pull 5271

Major bug fix

Fix Internet Explorer 11 rendering of the Available plugins tab (regression in 2.270). JENKINS-64805
Include 'plugin-id' and 'plugin-version' data attributes in the Available plugins tab (regression in 2.270). JENKINS-64775

Enhancement

Upgrade LDAP plugin from 1.26 minimum to 2.3. pull 5244, LDAP 2.3 changelog, LDAP 2.2 changelog, LDAP 2.1 changelog, LDAP 2.0 changelog

Enhancement

Use an updated version of the Commons FileUpload library 1.4 without custom patches. pull 5174, JENKINS-64650 , Apache Commons FileUpload project
Library dependency updates: reflections, javassist, annotation-indexer, commons-compress, bridge-method-annotation, bridge-method-injector, access-modifier-annotation, jaxen. pull 5197, pull 5204, pull 5208, pull 5209, pull 5210, pull 5228, pull 5231, pull 5232

Bug fix

Restore, as deprecated, the old constructor based on acegisecurity Authentication parameter in order to keep backward compatibility. JENKINS-64746

Enhancement

Use a more accessible color palette in configuration form tabs. pull 5176
Improve fingerprint save performance. pull 5190, pull 5198, JENKINS-64670

Bug fix

Fix drag & drop for form changes (regression in 2.264). JENKINS-64291
Fix server-side form validation that broke client-side form validation (regression in 2.270). JENKINS-64429

Security

Security fix. 2021-01-26 security advisory

Major bug fix

Provide a default implementation of the "all files in zip" download link. This is especially important for external storage plugin (regression in 2.275). JENKINS-64655
Fix the file handle leak inside DirectoryBrowserSupport (regression in 2.275). pull 5188, JENKINS-64632 , SECURITY-1452
Include root folder in downloaded zip files (regression in 2.275). Resolve an additional related zip archive root folder issue. pull 5187, JENKINS-64621 , JENKINS-61473 , SECURITY-1452

Enhancement

Allow job descriptions to be copied without zero-width spaces. JENKINS-28022
Update spring-security from 5.4.1 to 5.4.2. pull 5166, Spring project spring-security 5.4.2 release notes
Update commons-codec from 1.14 to 1.15. pull 5165, Apache commons-codec 1.15 release notes
Add a system property jenkins.agent.inboundUrl to provide an alternate URL for inbound TCP agents. JENKINS-63222

Bug fix

Restricted methods FilePath#zip(OutputStream, DirScanner, String, boolean) and VirtualFile#zip(OutputStream, String, String, boolean, boolean) have a new parameter String prefix. pull 5187, JENKINS-64621 , JENKINS-61473

Security

Important security fixes. security advisory

Enhancement

Security hardening related to XML processing using Digester2. related LTS upgrade guide entry
Security hardening related to form validation responses. related LTS upgrade guide entry
Security hardening restricting label names. related LTS upgrade guide entry

Enhancement

Reduce lock contention around jenkins queue. JENKINS-58101
Update jnr-posix library from 3.0.45 to 3.1.4. pull 5129, Commits from jnr-posix 3.0.45 to 3.1.4
Update Java native access (jna) library from 5.3.1 to 5.6.0 for most recent platform library fixes and enhancements. pull 5125, JNA 5.6.0 changelog, JNA 5.5.0 changelog, JNA 5.4.0 changelog

Bug fix

Prevent user input of 'e' or 'E' as 'positive-number', 'non-negative-number', or 'number'. JENKINS-64439

Major bug fix

Fix plugin manager buttons to correctly reposition themselves instead of being stuck under certain conditions (regression in 2.270). JENKINS-64504

Enhancement

Make the root source paths of GroovyHookScript customizable with jenkins.util.groovy.GroovyHookScript.ROOT_PATH. JENKINS-63833
Hide collapse icon in sidepanel widgets if they cannot be collapsed. JENKINS-64483
Update stapler to 1.262 to fix a number of IllegalReflectiveAccessWarnings when running on Java 11. pull 5111, Stapler 1.262 changelog

Major bug fix

Prevent NullPointerException in Plugin Manager when using an update center without support for plugin categories (regression in 2.270). JENKINS-64445

Bug fix

Fix race condition on authentication filters registration. JENKINS-64465

Enhancement

Dropped support for deprecated system properties: hudson.model.Hudson.logStartupPerformance, hudson.model.Hudson.initLogLevel, hudson.model.Hudson.parallelLoad, hudson.model.Hudson.killAfterLoad and hudson.model.Hudson.workspaceDirName. Please use jenkins.model.Jenkins.-prefixed SystemProperties. pull 4962
Remove support for queue.txt format (replaced by XML in 2009). pull 5123
Update Eclipse Jetty from 9.4.33.v20201020 to 9.4.35.v20201120 for bug fixes and enhancements. pull 5122, Winstone 5.13 changelog, Jetty 9.4.34 changelog, Jetty 9.4.35 changelog
Remove administrative monitor offering to migrate $JENKINS_HOME on a ZFS filesystem. pull 5047
Update the bundled XStream library from 1.4.14 to 1.4.15. pull 5115, XStream 1.4.15 changelog

Enhancement

Stop bundling CVS plugin. Jenkins will no longer automatically install CVS plugin on startup if a plugin depending on Jenkins (then Hudson) 1.340 or earlier is discovered. If you use a plugin that relies on the functionality provided by CVS plugin and manage plugins outside the Jenkins plugin manager, you will now need to ensure yourself that a recent release of CVS plugin is installed. Jenkins will attempt to load such plugins but may fail at any time during startup or afterwards with ClassNotFoundException or similar. pull 5102
The page variable divBasedFormLayout is globally available, not only within . JENKINS-64403
Remove unused jquery dependencies. pull 5107

Bug fix

Don't tell users to signup if they can't. JENKINS-64426
Correct Freestyle font-size for descriptions. JENKINS-64332
FieldUtils now silently fails to set public final fields again. JENKINS-64390

Major enhancement

Massive performance enhancement to available plugins page of Plugin Manager. Exact matches of plugin name are moved to the top. JENKINS-64196

Bug fix

Fix incorrect striping of rows on available page of Plugin Manager. JENKINS-63684
Ensure that help text expands correctly for GitHub organization folders (regression in 2.264). JENKINS-64373
Replace slave with agent in Brazilian and Turkish localization of Agent to Controller security. JENKINS-62347

Enhancement

Add Traditional Chinese translation for description of built-in environment variables that are available to shell scripts. JENKINS-64329
Use correct unicode in Spanish translation and other fixes. JENKINS-64330
Developer: Update localizer plugin to allow threaded builds and localization from XML as well as properties. JENKINS-41729

Bug fix

Populate select fields with default values even when pre-populated select tags are used (regression in 2.244). pull 5081, JENKINS-64071 , JENKINS-64125

Enhancement

Reduce page load time by loading the administrative monitors popup on demand. Allow keyboard navigation even when there are active administrative monitors. pull 5063
Improve pipeline startup performance with faster comparison method. Add equals and hashCode to ParameterDefinition implementations. Equals works strictly for the same classes to preventing issues with extended classes. pull 5014
Remove an unused FileSystemProvisioner framework. pull 5048
Developer: Update Node.js version to latest LTS (14.15.1). pull 5087
Internal: iconset library inlined into Jenkins core, developers using this should remove the dependency. pull 5072
Internal: Remove JOnAS application server support. pull 5076

Major bug fix

Fix drag and drop with environment filter (regression in 2.264). JENKINS-64252

Enhancement

Update the bundled XStream library from 1.4.13 to 1.4.14. pull 5074, XStream 1.4.14 changelog

Enhancement

Add the ability to specify a reason for quieting down Jenkins ("Prepare for shutdown"). JENKINS-1877
Show security and non-security notifications in separate categories with their associated icons. JENKINS-63977

Major bug fix

Fix hidden page elements from radio blocks appearing when they should not. JENKINS-64040

Bug fix

Upgrade from Remoting 4.5 to Remoting 4.6 with bugfixes and dependency updates. pull 5043, Remoting 4.6 changelog

Enhancement

Make the Maven Configuration of Global Tools compatible with configuration as code plugin. JENKINS-62446
Minor English cleanup for resource root URL setting. JENKINS-41891
Developer: Remove the deprecated zeroclipboard UI component and the unused dependency on ZeroClipboard. pull 5042
Developer: Remove obsolete support for live class reloading with JRebel. JENKINS-64037
Internal: Modernize the hashing function of ConsistentHash. JENKINS-60563

Major enhancement

Developer: Jenkins now uses an updated version of the XStream serialization library without custom patches. pull 4944, JEP-227, Spring and XStream updates (breaking changes!) blog post
Developer: Jenkins now uses Spring Security rather than its predecessor, Acegi Security. Other bundled Spring libraries are also updated. pull 4948, JEP-228, Spring and XStream updates (breaking changes!) blog post
Developer: Upgrade jQuery from 2.1.4 to 3.5.1. pull 4929, jQuery older release notes (3.1.1, 3.2.1, 3.3.0, 3.3.1, 3.4.0, 3.4.1), jQuery 3.5.0 release notes, jQuery 3.5.1 release notes

Enhancement

Improve performance of authorisation strategies when the authentication realm is case insensitive. JENKINS-64039
French translation for the token paragraph in user configuration and the root breadcrumb ("Dashboard"). pull 5009
Developer: Deprecate UnbufferedBase64InputStream. pull 5039
Developer: Added better parsing overloads to XMLUtils. pull 5026
Internal: Remove inline resources for LoadStatistics. JENKINS-60866

Bug fix

Fix file handle leak when viewing corrupted build logs. JENKINS-62985
Fix redirects when renaming jobs with spaces or non-latin characters. JENKINS-63899
Internal: Correct the scope of the restriction on TokenUuidAndPlainValue. pull 5041

Major enhancement

Change Jenkins configuration UI from tables to divs for layout in forms. JENKINS-56109

Enhancement

Winstone 5.12: Update Jetty from 9.4.30.v20200611 to 9.4.33.v20201020. JENKINS-64035 , Winstone 5.12 changelog, Jetty 9.4.31.v20200723 changelog, Jetty 9.4.32.v20200930 changelog, Jetty 9.4.33.v20201020 changelog

Bug fix

Cleanup "esclave" references and fix terminology for jobs in the French localization. pull 4985
Change the standard URL for obtaining the Inbound Agent configuration file from ${agent_url}/slave-agent.jnlp to ${agent_url}/jenkins-agent.jnlp. The old name is obsolete and will be removed at a future time. JENKINS-35452
Prevent the Build History Widget from crashing when users have Discover permissions without Read for folders. JENKINS-63868

Major bug fix

Downgrade Jetty to 9.4.30.v20200611 to prevent a wrong port from appearing in URLs (regression in 2.261). JENKINS-63958 , Winstone 5.11.1 changelog, Root cause in Jetty

Enhancement

Remove TFS Plugin suggestion from Setup Wizard. pull 5016
Optimize memory allocations in TcpAgentListener, LogRotator and RunList. pull 5011, pull 5012
Add missing French localization for the login page, setup wizard and the main page. pull 4995, pull 4996, pull 4997
Clarify the list separator in file excludes fields. JENKINS-49523

Bug fix

Do not use null value for aria-hidden HTML attributes. pull 4919
Prevent resource leak in the File Fingerprint Storage implementation. pull 4992

Major bug fix

Stop showing JavaScript in the footer (regression in 2.261). JENKINS-63798
Restore reporting of ClassNotFoundException stacktraces in AntClassLoader and ClassicPluginStrategy due to the regressions for some agent types (regression in 2.261). JENKINS-63937

Enhancement

Developer: Update ArtifactArchiver to no longer consult with environment variables injected by EnvironmentContributingAction added during the build, including ArtifactManager ones. pull 4933

Major bug fix

Fix docker build agent provisioning (regression in 2.259-260). JENKINS-63828
Fix extensions footer location (regression in 2.230). JENKINS-63798

Enhancement

Introduce LowResourceMonitor from Jetty by upgrading to Winstone 5.11. Bump jetty.version from 9.4.30.v20200611 to 9.4.32.v20200930. pull 4975, Winstone 5.11 changelog, Jetty 9.4.31.v20200723 changelog, Jetty 9.4.32.v20200930 changelog
SSHD module 2.7: Allow configuring disabled key exchange and MAC algorithms through system properties. pull 4951, SSHD module 2.7 changelog
Reduce memory consumption when loading classes from plugins. pull 4957
Do not render parts of a serialized ConsoleNote in truncated log output. pull 4905
Developer: Pluggable Artifact Storage: Make the VirtualFile API generally available to plugin developers. pull 4974, JEP-202
Developer: Allow omitting ClassNotFoundException in AntClassLoader and ClassicPluginStrategy. pull 4957
Internal: Update slf4j-api from 1.7.26 to 1.7.30. pull 4988, SLF4J changelog
Internal: Update parent pom. Updates various maven plugins and developer tools. pull 4982, Parent pom 1.58 changelog

Major enhancement

SSHD module 2.7: Remove deprecated key exchange and MAC algorithms. pull 4951, SSHD module 2.7 changelog

Bug fix

Replace "slave" reference with "agent" in Traditional Chinese translation. JENKINS-62347
Use 'Agent to controller' to describe agent access control system rather than 'agent to master'. JENKINS-63905
Hide description panel in sidebar if historyWidget.descriptionLimit is 0. pull 4978

Major bug fix

Fix docker build agent provisioning (regression in 2.259). JENKINS-63828

Enhancement

Improve the scripting capacity related to the API Token system. Provide a way to configure a fixed/default API Token for admin during installation phase. JENKINS-57484
Allow users with the Jenkins.MANAGE permission to restart and safe restart Jenkins. JENKINS-63795
Disable autocomplete of username on login form. pull 4952
Internal: Update bundled version of Apache Ant from 1.10.8 to 1.10.9. pull 4958

Major bug fix

Show display names in change list again (regression in 2.243). JENKINS-63712

Enhancement

Update the bundled version of Script Security Plugin from 1.73 to 1.75. pull 4947
Update the bundled version of Display URL API plugin from 2.0 to 2.3.1. pull 4948
Developer: Cloud implementations are given more context about ongoing planned nodes. Add CloudState to be passed to Cloud#provision and Cloud#canProvision methods. pull 4922
Developer: Provide WebAppMain#getDefaultRingBufferSize method for use by telemetry. JENKINS-50669
Developer: Improve the combobox component to support default value and readonly mode. pull 4939

Major bug fix

Migrate the view status filter from views in previous Jenkins releases (regression in 2.240). JENKINS-62661

Enhancement

Improve the layout and clarity of the page displayed when jobs are not yet created. JENKINS-63592
Update the bundled Mailer plugin from 1.21 to 1.32.1. pull 4938
Developer: A SimpleBuildStep or SimpleBuildWrapper can now choose not to require a workspace context (working directory and launcher). JENKINS-46175
Developer: PluginServletFilter is now final, making it impossible for plugins to mistakenly define their own. JENKINS-63682

Bug fix

Prevent radio buttons from moving when they are clicked. JENKINS-63332

Enhancement

Name the first breadcrumb "Dashboard" for clarity. JENKINS-60972
Developer: New static utility method Result#combine(Result,Result) to get the worst of two (nullable) build results. JENKINS-43889

Bug fix

Make sure Environments are always torn down in AbstractBuild. JENKINS-43889

Bug fix

Avoid warning on logs about Anonymous Class in hudson.FilePath. JENKINS-63563

Bug fix

Developer: Ignore flaky UpdateCenter2Test.install test. pull 4916

Major bug fix

Stop pre-formatting agent logs to prevent deadlocks (regression in 2.231). JENKINS-63458

Major enhancement

Graduate Overall/SystemRead permission to general availability (GA) status. pull 4909, JEP-224

Enhancement

Set Cross-Origin-Opener-Policy to same-origin. pull 4910
Avoid losing work in progress by using a new browser tab to open the plugin link in a configuration screen’s inline help. JENKINS-63429
Developer: Remove the unused description attribute from f:dropdownList. JENKINS-63220

Major enhancement

Major update of the Alpine-based Jenkins Docker image. Jenkins Docker image for Alpine now uses Alpine 3.12 and AdoptOpenJDK 8u262. LTS upgrade guide

Major bug fix

Fix button that copies API token to clipboard (regression in 2.238). JENKINS-63274
Fix a deadlock in agent logging. JENKINS-63082

Bug fix

Fix Cmd + Enter not running the script in the Script Console on a Mac (regression in 2.248). JENKINS-63342
Fix backspace key sometimes did not delete text from the Script Console on a Mac (regression in 2.248). JENKINS-63342
Fix regular expression validator UI location (regression in 2.244). JENKINS-63308
Make alert colors consistent with 'Manage Jenkins' alert colors. JENKINS-63330
Developer: Make unavailable plugin background themeable. JENKINS-63331
Internal: Remove some text messages from Jenkins core which had already been moved to the LDAP and PAM Authentication plugins. Be sure to upgrade to LDAP 1.22 or newer and PAM Authentication 1.5 or newer. pull 4866

Enhancement

Add Japanese translations for user configuration screen. pull 4904
Prevent concurrent build deletion. JENKINS-61687
Developer: Expose fingerprint range set serialization methods for plugins. pull 4888
Internal: Remove deprecated and unused ProcessTreeKiller class. pull 4874
Internal: Exclude JUnit and Hamcrest libraries from the jenkins.war bundle. JENKINS-63269

Security

Important security fixes. security advisory

Major bug fix

Restore wrapping tabs into multiple lines instead of overflowing (regression in 2.248). JENKINS-63180

Bug fix

Show build time data in the Build Time Trend Page (regression in 2.245). JENKINS-63232
Normalize widget colors to be consistent with the new color palette. Fixes bread crumbs flash in Dark Theme
Empty installed plugins table text is readable again (regression in 2.249). JENKINS-63276
Replace text references to slave with agent in Japanese documentation and messages. JENKINS-63166
Prevent JavaScript error when registering validators in some cases. JENKINS-42228
Do not block rendering of Manage Jenkins while waiting for update center data. pull 4881

Enhancement

Developer: Allow migration of fingerprints from local storage to external storage. JENKINS-62757

Bug fix

Internal: Fix UsageStatisticsTest failure in java.vendor vs. java.vm.vendor. pull 4879

Major bug fix

Do not throw exceptions when building environment for certain build steps (regression in 2.248). In particular, the Powershell step from the Powershell plugin was affected. JENKINS-63168

Enhancement

Align the Plugin Manager table headers. pull 4858

Bug fix

Fix an issue where the header of certain elements such as the authorization matrix would have wrong styles. pull 4861

Major enhancement

Stop supporting .NET Framework 2.0 for launching Jenkins server and agents as a Windows service. .NET Framework 4.0 or above is now required. announcement, upgrade guidelines, JENKINS-60005 , JENKINS-61862 , Windows support policy
Update Windows Service Wrapper (WinSW) from 2.3.0 executable for .NET Framework 2.0 to 2.9.0 for .NET Framework 4.0. Includes numerous improvements and bugfixes. Most notably, the service installer will now ask for permission elevation if the required. changes summary, full WinSW changelog, Windows Agent Installer 2.0 changelog

Enhancement

Reorder configuration and delete buttons in the left sidepanel. pull 4852
Add the ability to filter out environment variables for Shell and Windows batch build steps. JENKINS-62014
Revamp the tabs and tables with better spacing and a consistent color palette. JENKINS-63002
Remove page generation timestamp from the footer. JENKINS-61806
Add sorting to Old Data management tables. JENKINS-25259
Allow fingerprint storage engine to be selected from the configuration page. JENKINS-63022 , JEP-226
Show warnings for deprecated plugins in the update manager and administrative monitors. JENKINS-59136
Update Jenkins form styling in preparation for changing form layout. JENKINS-56109 , Configuration UI Accessibility: Tables to Divs migration
Show hints about the current time on the server’s zone when configuring your User Defined Time Zone. JENKINS-61806
Developer: Add new extension points to define build step environment filters (currently in beta). JENKINS-62014
Developer: Add theming support for alert-* classes. Dark Theme repository
Developer: Add alert-success banner. JENKINS-62747
Developer: Allow theming the text area handle. Dark Theme repository
Developer: Require FingerprintStorage descriptors so they can be configured from the configuration page. JENKINS-63022
Developer: Remove method BeanBuilder.loadBeans(String). pull 4838
Internal: Allow JUnit 5 tests in the Jenkins core unit tests. Jenkins Test Harness-based integration tests still require JUnit 4. pull 4699
Internal: Use built-in WinSW features for permission elevation and strong cryptography. pull 4823, Windows Agent Installer 2.0 changelog
Internal: Upgrade to Remoting 4.5. This switches agent.jar and remoting.jar to a code-signing certificate owned by the CDF. pull 4832, Remoting 4.4 changelog, Remoting 4.5 changelog
Internal: Remove inline resources from layouts. JENKINS-60866
Internal: Document the Jenkins core issue triage guidelines. documentation

Bug fix

Fix IllegalArgumentException: Method not found error caused by misbehaviour in Util.isOverridden() (regression in 2.241). JENKINS-62723
Avoid a stack trace when an older version of glibc was used by an agent. pull 4830
Remove the fallback Jenkins URL from the JNLP launch file so that WebSocket agents can be connected over Java Web Start. JENKINS-63014
Fix the default domain name in Windows service serviceaccount configurations. JENKINS-12660 , Windows Service Wrapper 2.7.0 changelog

No notable changes in this release.

Security

Important security fixes. security advisory

Enhancement

Clean up more workspace related directories, e.g. @libs from Pipeline libraries. JENKINS-41805
Update Italian localization. pull 4810
Internal: JavaScript refactoring in preparation for form layout modernization. JENKINS-56109
Developer: Extend the DownloadService.Downloadable API to make it easier to work with default IDs. JENKINS-62572
Developer: Introduce an API to check ParameterDefinition validity. JENKINS-62889
Developer: Make WorkspaceList.COMBINATOR accessible to plugins. JENKINS-41805

Enhancement

Update the styles for the links on the management page. pull 4782
Restyle and improve accessibility for the RSS feed bar. JENKINS-62750
Winstone 5.10: Add --httpsRedirectHttp option that activates automatic HTTP request redirects to HTTPs. pull 4811
Winstone 5.10: Update Jetty from 9.4.27.v20200227 to 9.4.30.v20200611. pull 4811, 9.4.28.v20200408 changelog, 9.4.29.v20200521 changelog, 9.4.30.v20200611 changelog
Developer: Allow f:repeatableHeteroProperty to pick up field attribute from enclosing f:entry. pull 4807
Developer: Switch to id from fullName in User.toString(). JENKINS-62688
Developer: auto-completion for labels is now available via LabelExpression.autoComplete(). Deprecate hudson.model.AbstractProject.LabelValidator in favour of jenkins.model.labels.LabelValidator. but the old version also has a new checkItem() method to allow it to validate non-Project items. Deprecate hudson.model.AbstractProject.DescriptorImpl.validateLabelExpression() in favour of LabelExpression.validate() (which takes any kind of Item object instead of only AbstractProjects). Aggregates all warnings and errors reported by LabelValidator (old and new). JENKINS-26097

Bug fix

Winstone 5.10: Fix --httpKeepAliveTimeout option which had no effect (regression in 2.224). JENKINS-61823
Shutdown gracefully when SCM triggers are configured. JENKINS-62695

Major bug fix

Do not log exceptions when browsing to the plugin manager while private source plugins are installed (regression in 2.240). JENKINS-62622

Enhancement

Remove white background of 'Keep this build forever' when using dark theme. pull 4814, Dark theme plugin
Restyle hyperlinks to make them look more modern and readable. JENKINS-62698
Update the Japanese messages for the scheduler on the setting page. pull 4783
Developer: Add experimental External Fingerprint Storage API. JENKINS-62345 , pull 4731, JEP-226, Reference Implementation
Developer: Introduce new Fingerprint API methods: Fingerprint#getPersistedFacets(), Fingerprint#delete(String) and file-independent CRUD methods. Deprecate Fingerprint#save(File). JENKINS-62345 , pull 4731, Fingerprint API Javadoc

Bug fix

Fix IllegalArgumentException for Choice Parameter when saving job configuration. JENKINS-61438 , Stapler 1.260 changelog
Correctly encode control and surrogate characters when exporting data to JSON. pull 4813, Stapler 1.260 changelog
Replace esclave with agent in French documentation. JENKINS-62714

Major bug fix

Restore colors on the Job configuration page, help page, and other controls (regression in 2.239). pull 4781

Enhancement

Convert arrow icons from images to CSS. JENKINS-62496
Restyle side panel widgets to have a more modern look & feel. JENKINS-62175
Developer: Plugins can now more easily add support for using build steps in pipelines with access to the appropriate environment variables (such as from tools/environment blocks or steps like withEnv). The fingerprint and archiveArtifacts pipeline steps will no longer apply any environment substitution. JENKINS-29144

Enhancement

Make RSS field and agent disconnected images transparent for dark theme. pull 4772
Show in plugin manager when newer releases of plugins exist but aren't being offered due to unsatisfied requirements. JENKINS-62332
Add support for Dark Theme in the login screen. JENKINS-62515 , pull 4763, Dark Theme repository
Update bundled Script Security Plugin from 1.71 to 1.73. pull 4769
Internal: Remove inline resources for non-standard showDetails. JENKINS-60866

Bug fix

Restore background colors on new item and job config pages. pull 4771
Fix buttons lingering for a bit after closing modal (regression in 2.233). pull 4770
Display correct time in the Build History Widget when a custom timezone is set in the user profile. JENKINS-61972

Major enhancement

Release 'alpha' dark theme. JENKINS-60924 , pull 4752, Dark Theme repository
Developer: Add support for CSS variables, useful in themes. JENKINS-60924 , pull 4752, Dark Theme repository

Bug fix

Fix markup previews for disabled textareas shown to users with extended read permission. JENKINS-62433
Prevent side panel shrinking in specific resolutions (~1000px), regression in 2.238. pull 4755

Enhancement

Make the CLI link in Manage Jenkins visible to users with Overall/SystemRead permission. pull 4739
Improve accessibility by adding aria-labels for username and password fields in login forms. JENKINS-62421
Implement the read-only mode in Expandable Text Box configuration form elements. JENKINS-62434
Performance: Reduce number of calls and iterations through the list of jobs when displaying List Views. JENKINS-20052
Remove Subversion Plugin from suggested plugins in the setup wizard. JENKINS-62477
Fingerprints browser: Move fingerprint link into existing fingerprint artifact text. JENKINS-62470
Allow users with Overall/Manage permission to configure Node Monitoring. JENKINS-62264
Internal: Print stack trace from the originating thread if SlaveComputer#_connect fails. pull 4754
Developer: Add source maps for CSS and JavaScript. JENKINS-62473

Major bug fix

Fix a deadlock involving custom loggers during agent startup (regression in 2.231). JENKINS-62181

Enhancement

Support Bearer tokens in Jenkins-CLI -auth parameter. pull 4673
Add system read support for 'Node Monitoring Configuration' and configuring clouds. JENKINS-61206
Add Agent/ExtendedRead support for viewing agent configuration, system information, and logs. JENKINS-61206
Fix a thread safety issue in Computer#getLogDir. pull 4730
Revamp the sidebar task list with improved aesthetics and accessibility. JENKINS-61973
Allow users with Overall/Manage permissions to reload configuration from disk. JENKINS-61458
Developer: Add support for the permissions attribute to task.jelly. JENKINS-61206
Developer: Add hasAnyPermissions API to Functions to allow it to be called by views. JENKINS-61206
Developer: Add non-deprecated Jenkins core library dependencies to the BOM. pull 4702

Major bug fix

Prevent telemetry warnings about missing javax.annotation classes when running with Java 11 (regression in 2.231). JENKINS-61920

Bug fix

Prevent Old Data Monitor from failing plugin loading in the case of class field unmarshalling issues. JENKINS-62231
Ensure that UserLanguages telemetry initializer always runs after extensions are augmented. JENKINS-60118
Developer: Ensure that job/folder creation routines properly check the requested name for invalid characters. JENKINS-61956

Enhancement

Update Apache Ant from 1.10.7 to 1.10.8. pull 4725
Internal: Update the JSTL API library from 1.2.1 to 1.2.7. pull 4656, Changelog up to 1.2.5, Diff of 1.2.3 to 1.2.7, Diff of 1.2.1 to 1.2.3
Developer: Deprecate jenkins.model.Configuration in the Java API. pull 4715

Major bug fix

Make plugin manager work on Internet Explorer 11 again (regression in 2.231). JENKINS-62163

Enhancement

Security hardening: Always round-trip password form control values in an encrypted form, even if not backed by an encrypted Secret field. In case of problems, this can be disabled by setting the system property hudson.util.Secret.AUTO_ENCRYPT_PASSWORD_CONTROL to false on startup. JENKINS-61808
Security hardening: Always use a placeholder value for password form control values in item related configuration forms when the user is missing Item/Configure permission, even if not backed by an encrypted Secret field. In case of problems, this can be disabled by setting the system property hudson.util.Secret.BLANK_NONSECRET_PASSWORD_FIELDS_WITHOUT_ITEM_CONFIGURE to false. JENKINS-61808
Developer: Make the SystemProperties API available to plugins so that their properties could be managed by a standard engine. pull 4707, Javadoc, Jenkins Features Controlled with System Properties

Major bug fix

Prevent a form validation "404 Not Found" error when the resource root URL configuration points at a previously configured resource root URL (regression in 2.205). JENKINS-62133
Make Breadcrumbs displayed after notification alerts clickable again. JENKINS-62065

Enhancement

Allow system read to view more admin monitors. JENKINS-61208
Limit the number of exceptions thrown by some operations such as recursive directory deletion. Previously, in rare cases, exceptions thrown when failing to delete large directories could consume significant amounts of memory. JENKINS-61841
Indicate which component provides an URL that is always available without authentication in the global security configuration. pull 4668
Developer: Add nogrid option to layout.jelly tag to allow suppressing the bootstrap 3 grid. See bootstrap4-api-plugin for details. JENKINS-61326
Developer: Update javax.mail to jakarta.mail 1.6.5. pull 4660
Internal: Remove inline resources from ReverseProxySetupMonitor view. Add a specific warning when the Jenkins Root URL does not contain the contextPath. JENKINS-60866
Internal: Remove inline resources from LogRecorder views. Align the column headers of bigtables to the left JENKINS-60866

Bug fix

Fix a classloading issue while executing ProcessTree.get(). JENKINS-62006
Developer: Make it possible to look up extension implementations from more than one specific extension point at a time. JENKINS-62056

Major bug fix

Fix sort order in "Available" tab of the plugin manager (regression in 2.233). pull 4675
Fix a regression where the dropdown of the autocomplete widget would not be rendered correctly (regression in 2.233). JENKINS-62001

Enhancement

Restyle the help icon. pull 4663
Allow users with system read permission to view the system logs. JENKINS-61207
Reword "Continue as admin" button of the plugin setup wizard. JENKINS-46669
The default number of executors for an agent created programmatically (or as-code) is now 1 rather than 2. pull 4677
Session hijacking protection hardening. JENKINS-61738
Developer: Remove unused deprecated HudsonExceptionNote. pull 4667

Bug fix

Distinguish between defined (*****) and undefined (N/A) password on read-only configuration forms for users with Overall/SystemRead or Item/ExtendedRead permissions. JENKINS-61812

Enhancement

Allow linking to plugin manager URLs with pre-filled filter field. Link labels in the plugin manager to pre-filtered lists. pull 4591
Add system read support to admin monitors. JENKINS-61208
Allow users with system read permission to view the global tool configuration. pull 4519
Sort plugins by popularity on the "Available" plugin manager tab if the update site provides popularity data. pull 4588
Restyle buttons. Add support for large buttons, hyperlinks styled as buttons and icon-only buttons. JENKINS-61840

Bug fix

Forward Groovy view permission errors to login. Some views showed an error screen instead of forwarding to the login form when necessary permissions were missing. JENKINS-61905

Bug fix

Fix input field hints for tools like the git plugin that search the PATH for their executable (regression in 2.205 and 2.222.1). JENKINS-61711

Enhancement

Internal: Remove inline resources from Job views. JENKINS-60866
Internal: Introduce a new Jenkins core maintainer guide. pull 4472

Enhancement

Add section headers to context menu of Manage Jenkins. pull 4586
Improve the view shown when there are no jobs. pull 4633
Configuration as code plugin support for configuring user timezones. pull 4557
By default suppress log message about a missing optional extension. pull 4617
Don't show all available plugins by default; use search field to find plugins. pull 4580
Allow use of multiple space-separated filter terms in plugin manager. pull 4580
Allow users with system read permission to view the Manage Plugins configuration. JENKINS-61203
Add support for serving file parameter values from the resource root URL, if set. pull 4614
Set httpOnly header on cookie for iconSize storage. pull 4609
Developer: Switch bug detection annotations from JSR-305 to SpotBugs / net.jcp equivalents. pull 4604
Developer: Upgrade commons-codec to 1.14. pull 4636

Bug fix

Fix spacing between error messages in Setup Wizard (regression in 2.217). JENKINS-61660
Ensure that log messages are not missing numeric parameters when log entries are created on an agent. In particular, fix logs collected by the Support Core plugin. pull 4621
Ensure that encoded console annotations are stripped from system logger messages. pull 4632
Update crypto-util from 1.1 to 1.5 to fix the license link in Jenkins Web UI. pull 4631

Enhancement

Improve styling of alert banners to be more visually appealing and to better match existing user interface components. Alerts now fully cover the navigation bar while they are displayed instead of covering only a portion of the navigation bar. JENKINS-61478
Do not show disabled permissions in permission errors when checking for any of several permissions. JENKINS-61467
Allow hyperlinks to be used when displaying causes of blockage related to labels rather than individual nodes. pull 4616
Add option to configure follow symlinks when archiving artifacts. JENKINS-5597
Prepare for Shutdown management link is now accessible to users with Overall/Manage permission in addition to the usual Overall/Administer. JENKINS-61453
Update footer styles. JENKINS-61496
Allow configuration-as-code plugin to disable admin monitors. JENKINS-56937

Bug fix

Update Groovy Init hooks to run after all job configurations are adapted. JENKINS-61694
Fix class cast exception in fingerprint cleanup thread. JENKINS-61479

Major bug fix

Use the saved global build discarder configuration on restart. Jenkins 2.221 through 2.228 ignore the saved global build discarder configuration when they restart. JENKINS-61688
Fix proxy form validation when a password is set (regression in 2.205). JENKINS-61692

Enhancement

Update .NET version checks to be more correct for modern .NET versions. pull 4554
About Jenkins management link is now accessible to users with Overall/Manage or Overall/SystemRead (as well as the usual Overal/Administer). JENKINS-61455
Developer: Create symlinks atomically and log warning on failure. JENKINS-56643
Developer: Secret and ConfidentialKey implementations can now be used from unit tests without JenkinsRule. pull 4603

Bug fix

Robustness: Don't throw a NullPointerException when trying to convert null to Secret. pull 4608
Upgrade to Remoting 4.3 to fix an issue with large payloads over WebSockets. Requires a matching agent.jar with remoting 4.3 or later. pull 4601, pull 4596, JENKINS-61409 , Remoting 4.3 changelog, WebSockets blog post, JEP-222

Security

Important security fixes. security advisory

Enhancement

Security hardening related to request routing and CSRF protection. related upgrade guide

Enhancement

System Information management link is now accessible to users with Overall/Manage, showing only plugins and memory usage information. JENKINS-61456
Limit max width of Manage Jenkins entries on very large screens. pull 4582
Usage Statistics in Global Configuration is now configurable by users with Overall/Manage permission (as well as the usual Overal/Administer). JENKINS-61457
Make HTTP DELETE based item deletion behave more like an API, recommend it over POST /doDelete. JENKINS-61308
Increase scroll speed of context menus. pull 4592
List plugins that failed to load on the Installed tab of the plugin manager. pull 4589
Highlight in the plugin manager when plugins are looking for new maintainers ("Adopt this plugin"). pull 4584
Developer: Add Javadoc for management link category definitions. pull 4578
Internal: Permit core building using newer JDK than version 8. JENKINS-61105

Major bug fix

Fix drag & drop for previously saved steps in the job configuration form (regression in 2.217). JENKINS-61429

Major enhancement

Organize entries on the Manage Jenkins page into categories and show them in a grid. pull 4546

Enhancement

Remove the unnecessary "monitor[s]" text next to the bell for a cleaner UI. Change the colors of the notifications next to the bell to make them more noticeable. JENKINS-61224
Allow usage statistics to be configured with the configuration-as-code plugin. JENKINS-54662
Allow ssh authorized keys to be configured with the configuration-as-code plugin. pull 4563, ssh-cli-auth 1.8 changelog
Use modern system fonts provided by the browser when possible. Changes font size for body copy and headings to improve consistency and legibility. JENKINS-60921
Update bundled Script Security Plugin from 1.70 to 1.71. pull 4561, Script security plugin 1.70 changelog, SECURITY-1754 sandbox bypass vulnerability
Show in plugin manager table when there are security issues in a currently installed plugin. pull 4553
Add French translation for 'New View'. JENKINS-61424
Add ManagementLink#getCategory() for entries on Manage Jenkins to be grouped into category. See the ManagementLink.Category enum for supported return values. pull 4546
Developer: Make h.checkAnyPermission and <l:layout permissions="…"> work on objects that aren't AccessControlled. JENKINS-61465
Document nullability of newInstanceFromRadioList() methods and callers. pull 4543
Internal: Remove inline resources from restart views. JENKINS-60866

Bug fix

Fix support of the default attribute in the Jelly enum form control. JENKINS-61385

Major bug fix

Don't lose SCM configuration when saving job (regression in 2.224). JENKINS-61398

Major bug fix

Winstone 5.9: Fix propagation of the maximum form content size and form content keys number (regression in Jetty 9.4.20 and Jenkins 2.205). pull 4542, JENKINS-60409 , Winstone 5.9 changelog
Winstone 5.9: Fix reverse improper proxy redirects to Host due to X-Forwarded-Host and X-Forwarded-Port ordering issue (regression in Jetty 9.4.20 and Jenkins 2.205). pull 4542, JENKINS-60199 , Winstone 5.9 changelog, Jetty 9.4.27 changelog
Do not disable all controls on job configuration forms for some users with Job/Configure permission (regression in 2.223). JENKINS-61321

Enhancement

Show plugin release date in plugin manager. pull 4535
Suppress error stack traces for non-administrator users as core capability. JENKINS-60410
Indicate when security issues would be addressed by an update in plugin manager. JENKINS-61166
Show plugin categories as labels in the plugin manager instead of grouping them into different table sections. pull 4534
Update the Version Number library from 1.6 to 1.7 to remove transient dependencies on FindBugs annotations. JENKINS-61279

Bug fix

Prevent unhandled JSONException in DescriptorList#newInstanceFromRadioList() and ExtensionDescriptorList#newInstanceFromRadioList(). JENKINS-61345
Update size of the search box properly when screen is resized. JENKINS-61300
Remove grey bar below the textarea form elements for read only users. JENKINS-61284
Prevent NullPointerException when hitting "Check Now" against a custom update center without tool installer metadata. JENKINS-60788
Fix blank page on configure clouds page if no cloud plugin installed. JENKINS-61285
Update the descriptorRadioList form elements to honor DescriptorVisibilityFilter extension points. JENKINS-51495

Major enhancement

Remove 'auto refresh' feature, including now obsolete auto refresh telemetry capability. pull 4503

Enhancement

Allow users with system read permission to view the global security configuration page. JENKINS-61205
Allow users with system read permission to view the About Jenkins page. JENKINS-61201
Users with extended read permission now get a more read-only looking UI. JENKINS-61202
Allow FingerprintFacet to block the deletion of fingerprint. JENKINS-28379
Internal: Remove unused class StringConverter2. pull 4468
Internal: Remove unused internal class Memoizer - use ConcurrentHashMap. pull 4470
Developer: Listen on loopback interface by default in debug mode. pull 4515

Bug fix

Prevent one occurrence of "Jenkins.instance is missing" pull 4525, JENKINS-55070 , JENKINS-59992 , JENKINS-60454 , JENKINS-61192
Reintroduce Build History description truncation by default. Allow managing/disabling the limit via the historyWidget.descriptionLimit system property. A negative value removes the limit, 0 forces empty descriptions. pull 4529, JENKINS-61004 , JENKINS-60299
Avoid a NullPointerException when starting a non-Pipeline build with a custom root directory set to a filesystem root (e.g., C:\). JENKINS-61197

Major enhancement

Revamp the layout and icons of the header bar and breadcrumbs. Instances with plugins that depend on details of the Jenkins layout (e.g. Simple Theme Plugin) may experience UI/layout problems. A new experimental header color scheme can be enabled by setting the jenkins.ui.refresh system property to true. JENKINS-60920
Introduce a new experimental UI that can be enabled by setting the jenkins.ui.refresh system property to true. Currently it includes a new header color scheme, more changes to be added as a part of the UI/UX revamp. pull 4463, JENKINS-60920 , JEP-223, Jenkins UX SIG
Add a new experimental Overall/Manage permission which allows a user to configure parts of the global Jenkins configuration without having the Overall/Administer permission. This is an experimental feature, disabled by default, that can be enabled by setting the jenkins.security.ManagePermission system property to true. pull 4501, JENKINS-60266 , JEP-223
Add a new experimental Overall/SystemRead permission, which gives (almost) full read access to the Jenkins instance. The permission is disabled by default, install the Extended Read Permission plugin to activate it. pull 4506, JENKINS-12548 , JEP-224, Extended Read Permission plugin

Enhancement

Deprecate the Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter permissions. Permissions were announced as dangerous and disabled by default in major authorization plugins in 2017. Custom authorization strategy implementations that grant Overall/Administer without implying one or more of these three permissions will no longer work as expected. Configurations that grant any of these permissions to users without Overall/Administer will no longer work as expected. pull 4365, JENKINS-60266 , JEP-223, 2017-04-10 security advisory for Matrix Authorization plugin, 2017-04-10 security advisory for Role-Based Authorization plugin
Remove the ability to have CSRF protection disabled. Instances upgrading from older versions of Jenkins will have CSRF protection enabled and the default issuer set if they currently have it disabled. pull 4509
Order Admin Monitors in Global Configuration page. JENKINS-60966
Add memory usage monitor to system information page. pull 4499
Improve performance when loading tied jobs. pull 4497
Add french translation for concurrent build help. pull 4505
Developer: Add new checkAnyPermission, hasAnyPermission methods that allow access if a user has one of the supplied permissions. pull 4506, JENKINS-12548 , JEP-224
Developer: Add a new f:possibleReadOnlyField jelly tag, wraps fields in an if readonly check and then outputs the result as text if the authenticated user only has read access. N/A is added if the field is empty. pull 4506, JENKINS-12548 , JEP-224
Developer: Add a new l:hasAdministerOrManage jelly tag, hides the body of the tag if the user doesn't have Overall/Administer or Overall/Manage. pull 4506, JENKINS-12548 , JEP-224
Developer: Allow plugins to force an update of an UpdateSite. JENKINS-61046

Bug fix

Fix issue with too many open files error when using resource domain. JENKINS-61121

Major enhancement

Add globally configured build discarders that delete old builds not marked as "keep forever" even if there is no, or a less aggressive, per-project build discarder configured, executed periodically and after a build finishes. pull 4368

Major bug fix

Jenkins will by default execute the configured per-project build discarder periodically even if no build is currently finishing. This may delete old builds of projects that got a more aggressive build discarder configuration since the last build was run. pull 4368

Bug fix

Dynamically loading certain plugins could result in permission errors. JENKINS-61071

Enhancement

Update bundled Script Security Plugin from 1.68 to 1.70. pull 4490
Do not show disabled permissions in permission errors. pull 4482
Developer: Use correct alert box name in Javadoc description. pull 4493
Developer: Introduce filtering overload to getAllItems(), allItems() and getItems(). pull 4469
Developer: Add new extension point BackgroundBuildDiscarderStrategy to allow more flexible build discarding strategies for the global build discarder configuration. pull 4368
Developer: Add findsecbugs plugin to spotbugs build plugin. pull 4381
Internal: Remove inline resources from HudsonPrivateSecurityRealm views. JENKINS-60866
Internal: Changed exception presented when AtomicFileWriter fails to write to file. pull 3989

Major bug fix

Fix agent installation as a service on Windows (regression in 2.217). JENKINS-60926 , Remoting 4.2 changelog, Agent Installer Module 1.7 changelog
Fix NullPointerException when getting a list of runs with a status threshold (regression in 2.202). JENKINS-60884

Major enhancement

Remove network discovery services (UDP and DNS). Users of the Self-Organizing Swarm Modules plugin should update the plugin and its CLI client to 3.18. JENKINS-60913 , Self-Organizing Swarm Modules Plugin 3.18 changelog
Extends the current milestones so plugins can update jobs and configuration during Jenkins initialization. Adds initialization milestones: SYSTEM_CONFIG_LOADED, SYSTEM_CONFIG_ADAPTED, JOB_CONFIG_ADAPTED. JENKINS-51856

Enhancement

Export the plugin compatibility flag in Update Site REST API. pull 4385
Suggest Jenkins Configuration as Code plugin in the installation wizard. pull 4410
Do not record the user creating an agent in some circumstances. JENKINS-21837
Avoid logging node monitoring exceptions caused by node deletion. JENKINS-54496
Improve RSS feed titles. JENKINS-60848
Display build duration as tooltip to build date/time in the job's build history. pull 4453
Improve performance of List Views when listing items. pull 4462
Improve performance of artifact archiving when using jenkins.model.StandardArtifactManager.disableTrafficCompression=true. JENKINS-60907

Bug fix

Prevent creation of duplicated SetupWizard singleton instances on Jenkins startup. JENKINS-60867
Fix IndexOutOfBounds exception in ChoiceParameterDefinition.getDefaultParameterValue. JENKINS-60721
Update Plugin manager pages to show icons while Jenkins is restarting. JENKINS-59486

Security

Important security fixes. security advisory

Enhancement

Security hardening related to Stapler routing.
Security hardening: Set X-Content-Type-Options to nosniff in REST API responses.

Major bug fix

Winstone 5.8: Fix a KeyStores with multiple certificates are not supported error from Jetty when passing certain kinds of certificates, such as domain wildcards (regression in 2.217) JENKINS-60857 , Winstone 5.8 release notes - regression in 5.6

Bug fix

Winstone 5.7: Fix support of system logging customization (regression in 2.177) JENKINS-57888 , Winstone 5.7 release notes

Enhancement

Add the boolean disabled flag to applicable jobs' REST API output for classic project types like Freestyle, Maven, or Multi-configuration (Matrix). pull 4436
Internal: Winstone 5.7: Change the Jetty thread pool name to "Jetty (winstone)" pull 4452, JENKINS-60821 , Winstone 5.7 release notes

Major bug fix

Fix localized versions to no longer report can't parse argument number: changelog.url (regression in 2.214). JENKINS-60822
Jenkins 2.212+ failed to load certain injected fields such as used by the Bitbucket Server Integration plugin. JENKINS-60816

Major enhancement

Add experimental WebSocket support. JEP-222, blog post
Internal: frontend toolchain upgraded to use webpack. Enabled babel to transpile certain JS modules. JENKINS-60734

Enhancement

Upgrade Jetty from 9.4.22.v20191022 to 9.4.25.v20191220. Jetty 9.4.23 release notes, Jetty 9.4.24 release notes, Jetty 9.4.25 release notes
Upgrade to Remoting 4.0. Remoting 4.0 release notes
Developer: Update access-modifier to allow plugins to use suppressions pull 4441

Bug fix

Prevent inaccurate warnings about missing classes on Java 11 triggered by JavaMelody when Monitoring Plugin is installed. JENKINS-60725
Fix java version check for AdoptOpenJDK 11. JENKINS-60678

Bug fix

Build failed. Release bits were not deployed.

Bug fix

If the Jenkins root URL has been configured by scripts prior to running the setup wizard, skip the location configuration panel even if selecting the option to skip creation of an admin user. JENKINS-60750
Prevent the RSS feed in Computer page from returning an error 404 JENKINS-60577
Include details in the system log when a build rotation fails. JENKINS-60716

Major enhancement

Remove old, deprecated, unsupported agent protocols Inbound TCP Agent Protocol/1, Inbound TCP Agent Protocol/2, and Inbound TCP Agent Protocol/3. Update Remoting from 3.36 to 3.40 to remove unsupported protocols and minor maintenance improvements. JENKINS-60381 , Remoting 3.40 release notes
Remove Enable Security checkbox in the Global Security configuration. JENKINS-40228

Enhancement

Clarify that build history does not include pipeline stages. JENKINS-59412
The environment variable WORKSPACE_TMP may now be used from (non-Pipeline) builds to access a temporary directory associated with the build workspace. JENKINS-60634
Internal: Add a method in EnvVars that extends TreeMap.putAll() functionality by filtering out the null values. JENKINS-59220
Internal: Allow usage of DescriptorVisibilityFilter to filter View properties on UI. JENKINS-60579

Bug fix

Fix null pointer exception in Agent API when the agent is offline (e.g. retrieving agent version or OS description). JENKINS-42658
Fix JavaScript error in Plugin Manager when optional dependency metadata cannot be retrieved. Improve wording in Plugin Manager UI. JENKINS-56152
Fix minor localization issues (escaping, incomplete entries, etc.). pull 4420
Fix typos & spelling in Javadoc and WebUI. pull 4418

Major bug fix

Fix plugin class resource loading failures for plugins which include library JARs. At least the Script Security, Active Directory and Maven Integration plugins are known to be affected. (regression in 2.212) JENKINS-60641 , JENKINS-60644 , JENKINS-60648

Bug fix

Prevent Jenkins page rendering from being blocked when the update center data parsing is in progress. JENKINS-60625
Return error when invalid string is passed as a Run status CLI argument. pull 4212
Fix an edge case of loading optional dependencies that cause Jenkins to blow up on startup. pull 4393, pull 4417, JENKINS-60449

Enhancement

Developer: Introduce new AntClassLoader.getUrl() method to prevent code duplication. pull 4254

Enhancement

Make the queue/cancelItem REST API return meaningful result codes instead of a Error 404. JENKINS-60326
Remove unused commons-codec dependency from Jenkins CLI. JENKINS-60326

Major bug fix

Resolve AtomicInteger and class-filter warnings in startup log. JENKINS-60513
User is no longer logged out when authenticating another user. JENKINS-59107

Bug fix

The text null could appear rather than blank text when rendering certain user-controlled strings. JENKINS-60554
Remove vulnerable Team Concert Plugin from setup wizard. CSRF vulnerability, Credential enumeration vulnerability
Disable multiple deletion attempts if hudson.Util.maxFileDeletionRetries is zero. JENKINS-60351

Bug fix

improved stop button behavior in the executors widget of the classical GUI, to avoid accidentally interrupting the wrong job. JENKINS-59656
Fix spotbugs reported concurrency issue using an AtomicInteger in SCMDescriptor#generation. pull 4337

Bug fix

Fix online example/documentation for File Access Rules. pull 4383
Prevent Oops when Whitelisted Commands input is empty in 'Agent to Controller Access Control'. JENKINS-60278
Prevent 'zombie' executors on built-in node by removing one-off executors in Computer.removeExecutor. JENKINS-57304

Enhancement

Update bundled Script Security Plugin to 1.68. pull 4367

Bug fix

Do not reload too early when Jenkins is behind a reverse proxy and is restarting. JENKINS-6798

Major enhancement

Deprecate the macOS native installer packaging. Jenkins macOS native installer deprecation

Enhancement

Open plugin and license links on a separate tab from Plugin Manager. JENKINS-60189
Set the HttpOnly flag for the page auto-refresh tokens. pull 4363
Developer: Use junit5 for CLI tests. pull 4220

Bug fix

Avoid exception when views are defined using job DSL. JENKINS-60092
Fix AtomicFileWriter performance issue on CephFS when creating an empty file. JENKINS-60167
Developer: ViewGroupMixIn#getPrimaryView() may return null, and needs to be checked by plugins depending on this version of weekly and beyond. It is an intermediate state until a default view is implemented. JENKINS-60092

Major enhancement

Move cloud configuration from Configure System into its own configuration form on the Manage Nodes page. pull 4339
Redesign password fields to prevent password auto-fill except for the login form. Reduce browsers offering to update stored passwords. Revert by setting the system property hudson.Functions.hidingPasswordFields to false. pull 3991

Enhancement

Show agent error status on the dashboard as mouse over text. JENKINS-6722
Show a tooltip with the full link name when hovering over sidebar links. JENKINS-59508
Reduce logging level of run completion and update center polling events from INFO to FINEST. pull 4345
Try to always execute flyweight tasks, such as the main builds for Pipeline or Matrix jobs, on the built-in node. pull 3983
Update Winstone from 5.3 to 5.4 to update Jetty from 9.4.18 to 9.4.22. full Winstone 5.4 changelog, Jetty 9.4.22 changelog, Jetty 9.4.21 changelog, Jetty 9.4.20 changelog, Jetty 9.4.19 changelog
Internal: Make ProxyConfiguration compatible with configuration-as-code plugin. Workaround on the configuration-as-code plugin side is no longer required. JENKINS-56553
Internal: Remove unused jenkins-slave.xml file template from core. Requires WMI Windows Agents plugin version 1.3.1 (Released Mar 14 2017) or newer. pull 4330
Internal: Remove unused remoting library from jenkins-cli.jar. pull 4350
Developer: Switch from maven-jenkins-dev-plugin to upstream jetty-maven-plugin. pull 4351
Disable HTTP TRACE to prevent security scanner complaints. The risk was significant with web browsers in 2003. Modern browsers forbid TRACE requests to prevent cross-site tracing (XST) attacks, so there is no real risk. JENKINS-60180

Bug fix

Fix Uninstall column sorting in the Plugin Manager Install pane. JENKINS-59665
Fix build history table styling. JENKINS-59631
Prevent faulty subtask contributors from leaving builds running forever. JENKINS-59793

Enhancement

Plugin manager descriptions always link to the plugins site instead of the Jenkins wiki. JENKINS-59679
Increase the number of datapoints recorded for multistage time series graphs such as those used for load statistics. pull 4341
Update Remoting from 3.35 to 3.36 to add new command line options "-help" and "-version". Remoting release notes

Bug fix

Prevent coding errors in canTake() and canRun() implementations in NodeProperty and QueueTaskDispatcher extensions from hanging the queue. JENKINS-59886

Major enhancement

Allow time zone to be set on a per-user basis. JENKINS-19887

Enhancement

Logging UI: Reorder sidepanel entries, add a note that "all log messages" will only include entries on level INFO and up. pull 4305
Update the Plugin Manager Updates tab with more information about incompatible dependencies. pull 4299
Build status balls on the build trend page now link to the respective build's console output. JENKINS-17459
Developer: Make some methods in ResourceDomainConfiguration accessible from plugins. pull 4335

Bug fix

Prevent permission problems when dynamically loading a plugin by making PluginManager#start() run as SYSTEM. JENKINS-59775
Properly handle user names containing : characters in resource root URL tokens. JENKINS-59859
Prevent NullPointerException when accessing the /logout without sending cookies. JENKINS-59904

Bug fix

Revert changes in forms submission in Jenkins classic UI with Firefox have caused a regression on forms with "file" inputs. These were made to anticipate a bugfix in Firefox which has been backed out since. (regression in 2.173) JENKINS-58296 , JENKINS-53462 , Firefox issue 1370630

Enhancement

Add telemetry on the use of the 'auto refresh' feature. pull 3894
Add java.util.concurrent.ConcurrentLinkedDeque to the JEP-200 deserialization allowlist. pull 4300
Developer: Introduce Run#getBuildsOverThreshold() method for getting runs above the desired execution result. pull 4259

Bug fix

Resource URLs failed to serve files with nontrivial names due to encoding problems. JENKINS-59849
Fix presentation when localized headers span multiple lines in the setup wizard. JENKINS-59800

Major enhancement

Add an option for a Resource Root URL through which Jenkins will serve user-generated static resources like workspace files or archived artifacts without the need for Content-Security-Policy headers. JENKINS-41891
Remove the ability to download update center metadata using the user's browser (deprecated since 2015). Jenkins will no longer inform about available updates without a connection to update sites. We recommend the use of a local mirror of our update sites, or a self-hosted update center like Juseppe in these situations. pull 3970

Bug fix

Fix style of administrative monitors showing informational messages in the popup. JENKINS-59684
Add a missing "pressed" style for the Create Item button. JENKINS-34226
Fix labels to Atom feed links. JENKINS-48375

Enhancement

Developer: Add Functions#urlEncode(String) to ease encoding of URL query parameters from Jelly views. pull 4278
Developer: TarOutputStream is now marked restricted so it is not used from plugins. pull 4272
Internal: Various code cleanups. JENKINS-36720 , pull 4248, pull 4258, pull 4260, pull 4256, pull 4257, pull 4261, pull 4267

Major enhancement

Prevent calls to Jenkins#save persisting data before we have finished loading the in-memory model. This prevents possible corruption of the main Jenkins configuration. JENKINS-58993

Bug fix

Increase client-side keep-alive ping frequency on the HTTP-based CLI to prevent timeouts. JENKINS-59267
Developer: ProcessTree#killAll no longer fails with NPE if proc argument is null. pull 4232
Internal: hudson.util.ProcessTree.OSProcess#getEnvironmentVariables returned null when an error occurred even though it shouldn't. JENKINS-59580

Enhancement

Reduce default soft-kill timeout from two minutes to five seconds so that builds that spawned other processes can finish more quickly. JENKINS-59152
Stop bundling Maven Plugin and Subversion Plugin with Jenkins. In very rare cases, this could result in problems when attempting to install plugins compatible with Jenkins before 1.310. The Jenkins project is currently not publishing any such plugins. pull 4242
Remove plugins bundled only to promote their use, as they are not needed for compatibility with old plugins. Since Jenkins 2.0, the concept of plugins installed by default is replaced with the setup wizard. pull 4040
Update bundled version of Script Security Plugin to 1.65. pull 4245

Enhancement

Remove 100 character length limitation of build description in build history widget. JENKINS-19760 , JENKINS-31209
Update the minimum required Remoting client version to 3.14 to simplify the implementation. pull 4208
Use different computer icon for temporary offline state. JENKINS-59283
Robustness: Do not allow users to resubmit requests using POST on URLs requiring a form submission, as that will fail anyway. JENKINS-59514
Better diagnostics in a failure message from Computer.getLogDir. pull 4226
Update bundled versions of Ant, PAM Authentication, Mailer, and Script Security plugins for the rare cases they're installed from bundled versions. pull 4230
Update commons-compress from 1.10 to 1.19. pull 4221, changelog
Update jfreechart from 1.0.9 to 1.0.19 to pick-up recent improvements and bugfixes. pull 4229, changelog
Developer: Add TcpSlaveAgentListener#getAdvertisedHost(). pull 4227

Bug fix

The lastCompletedBuild permalink was not being cached in the …/builds/permalinks file. JENKINS-56809

Security

Security fixes. security advisory

Enhancement

Gzip compression when transferring artifacts being archived from agents to the controller can now be disabled by setting the system property jenkins.model.StandardArtifactManager.disableTrafficCompression=true. JENKINS-26008 , Jenkins features controlled by system properties
Make log rotation more robust. JENKINS-58779

Bug fix

Fix malformed XML in Atom and RSS 2.0 feeds. (regression in 2.194) JENKINS-59231
URLs of some projects with emojis in their name were inaccessible. JENKINS-59406

Bug fix

The setup wizard sometimes was removed improperly, and Jenkins would only show a blank screen. JENKINS-59017

Bug fix

Fix missing absolute URL in the RSS / Atom feeds. (regression in 2.190) JENKINS-59167

Enhancement

Update Remoting from 3.33 to 3.35 to allow inbound TCP agents to connect directly without querying Jenkins via HTTP for connection parameters first. JENKINS-59094 , JENKINS-53461 , full changelog
Update Windows Service Wrapper from 2.2.0 to 2.3.0 to pick up fixes and improvements. pull 4167, WinSW changelog, Windows Agent Installer module 1.12 changelog
Internal: Update dom4j library from Jenkins project fork to upstream release 2.1.1. JENKINS-53322
Internal: Replaced different base64 implementations with java.util.Base64. pull 4169

Major bug fix

Downgrade Remoting from 3.34 to 3.33 due to problems involving tunneled connections. (regression in 2.191) JENKINS-59094
Jenkins UI broke when a slow trigger administrative warning would be shown. (regression in 2.189). JENKINS-58938

Security

Important security fixes. security advisory

Enhancement

Update Remoting from 3.33 to 3.34 to allow inbound TCP agents to connect directly without querying Jenkins via HTTP for connection parameters first. JENKINS-53461 , full changelog
Multiple minor code cleanups and internal fixes. pull 4131, pull 4162, pull 4163, JENKINS-36720
Internal: Update Mockito from 2.22.0 to 3.0.0. pull 4154

Bug fix

Add support of emojis and other non-UTF-8 characters in job names. 🎉 JENKINS-23349
RSS and Atom feeds did not contain all necessary metadata. (regression in 2.186) JENKINS-58595

Enhancement

Expose real environment variables from an agent on the UI. JENKINS-54772
Use SHA-256 instead of MD5 for generating crumbs/CSRF tokens. JENKINS-58734
Truncate long build names on the UI to prevent alignment issues. JENKINS-58157
Developer: AbstractItem#renameTo now checks #isNameEditable before renaming. JENKINS-58571

Bug fix

A file handle leak in $JENKINS_HOME/jobs/*/builds/permalinks could prevent jobs from being deleted on Windows. (regression in 2.185) JENKINS-58733
Remove extra whitespace output from /scriptText endpoint. (regression in 2.186) JENKINS-58548
The install-plugin CLI command allowed files that aren't plugins to be installed, potentially breaking some functionality. JENKINS-29065

Enhancement

Add a warning when cron trigger spends a long time in its execution. JENKINS-54854
Batch up plugin installations in setup wizard to improve performance. pull 4124
Stop using the name argument in the install-plugin CLI command. pull 4123
Update versions of some detached plugins. These are typically installed when upgrading Jenkins from much older releases, or when implied dependencies are not specified for manually managed plugins. pull 4125
Internal: Add support running JMH benchmarks for Jenkins core. pull 4135
Internal: Update Jenkins Test Harness from 2.49 to 2.54 to add support for JMH benchmarks. pull 4135, changelog
Internal: Omit WEB-INF/lib/jquery-detached-1.2.jar from jenkins.war. pull 4120

No notable changes in this release.

Enhancement

The default interval for node monitors (e.g. free disk space) can now be changed by setting the system property hudson.node_monitors.AbstractNodeMonitorDescriptor.periodMinutes. pull 4105, Jenkins features controlled by system properties
Robustness: Do not fail to render views when AdministrativeMonitor#isActivated fails. pull 4114
Internal: Update slf4j version from 1.7.25 to 1.7.26. pull 4118

Security

Important security fixes. security advisory

Major bug fix

Remove Trilead SSH dependencies from the Jenkins core. These dependencies caused SSH build agent connection issues in 2.185. JENKINS-58483

Enhancement

Upgrade SSH CLI Auth Module from 1.5 to 1.7 to remove Trilead SSH references. pull 4111, JENKINS-43669 , changelog for 1.7, changelog for 1.6

Major enhancement

Jenkins no longer creates symbolic links inside project or build directories. The Build Symlink plugin may be installed to restore this functionality if desired. URLs such as /job/…/lastStableBuild/ are not affected, only tools which directly access the $JENKINS_HOME filesystem. JENKINS-37862
Remove Trilead SSH library from Jenkins core and make it available in a new detached plugin. JENKINS-43610

Bug fix

Do not throw exception when testing proxy configuration. (regression in 2.168) JENKINS-57383
Prevent occasional IllegalStateException on Jenkins restart and invalidate the user session. JENKINS-55945
Avoid duplicate screenResolution cookie for views. pull 4103
Due to a mixture of old and new “detached” plugins, under certain circumstances it was possible to have two versions of an extension point used by the command launcher option for agents. JENKINS-58362
Developer: Plugin Compatibility Tester did not skip bundled plugin installation even if a *.jpl file exists. JENKINS-58362

Enhancement

Add a warning to the Installed tab of the plugin manager alerting administrators to possible problems from disabling detached plugins, which became possible as of 2.181. pull 4098
Remove unnecessary delay during cloud agent provisioning if the agent is available very quickly. JENKINS-24752
Update commons-codec library from 1.9 to 1.12. pull 4052, changelog

Enhancement

Remove obsolete session cookies when logging out, preventing errors related to headers being too large. JENKINS-25046
Add telemetry trial related to missing classes when running on Java 11. JENKINS-57223
Developer: Clean up constructors of AbstractCloudSlave. pull 4086

Bug fix

Fix performance issue when using "Remember me". (regression in 2.160) JENKINS-56243

Enhancement

Add support for IPv6 addresses in the Jenkins URL configuration. JENKINS-58041
Update args4j from 2.0.31 to 2.33. JENKINS-57959
Developer: Allow plugins to provide onBlur() handlers for CodeMirror textarea controls. JENKINS-58240
Developer: Make WindowsUtil available to plugins. pull 4038
Internal: update maven-war-plugin from 3.0.0 to 3.2.3. JENKINS-47127

Bug fix

When deleting directories, remove the read-only flag on Windows. JENKINS-57855

Enhancement

Update Remoting from 3.29 to 3.33. JENKINS-57959 , JENKINS-50095 , JENKINS-57713 , full changelog

Bug fix

The plugin manager UI no longer prevents disabling a plugin when other plugins only have optional dependencies to it. JENKINS-33843
A thread pool used to wait for external processes to complete could leak class loaders. JENKINS-57725

Enhancement

Robustness: Exceptions thrown while scheduling jobs in the queue could prevent other jobs from being scheduled. JENKINS-57805
Replace some exception stack traces related to agent channels with simpler messages. JENKINS-57993
Update JNA from 4.5.2 to 5.3.1 to fix issue with shared library loading on AIX when using OpenJDK. JENKINS-57515
Developer: Update ant dependency from 1.9.2 to 1.9.14. pull 4053
Internal: Switch from FindBugs to SpotBugs for static analysis. pull 4062
Internal: Mark hudson.model.UpdateSite#isDue as synchronized. JENKINS-57466

Major bug fix

Remoting reverted to 3.29 because JNLP agents failed to connect cloud agents in certain situations. (regression in 2.176) JENKINS-57759 , JENKINS-57713

Enhancement

Improve Configuration-as-Code compatibility of ListView. JENKINS-57121

Enhancement

Detached plugin handling changes in 2.178 could cause problems for some custom Jenkins home packaging schemes that use improper filenames. These cases are now at least warned about, and in some cases transparently handled. JENKINS-55582
Change the presentation of boolean (checkbox) options for most options on configuration forms. JENKINS-55787
Developer: Make the XMLUtils class with utility methods related to safe XML processing available to plugins. pull 4032

Bug fix

Update jmDNS from 3.4.0-jenkins-3 to 3.5.5 to prevent unnecessary DNS Multicast error messages. JENKINS-25369
Update WinP from 1.27 to 1.28 to fix problems with a missing DLL and flickering console window in the Windows graceful process shutdown logic. JENKINS-57477 , full changelog
Make sure detached plugins (plugins whose functionality used to be part of Jenkins itself) are installed upon Jenkins startup when needed as implied dependencies of other plugins which were already present. This simplifies compatibility for specialized installation scenarios not using the update center, such as when Jenkins is run from a Docker image prepackaged with some plugins. JENKINS-57528

Enhancement

Bring the bundled version of the Script Security plugin up to date with recent security advisories, in the unlikely case it is indeed installed from the WAR rather than the update center. pull 4000

Enhancement

Support setting excludes and case sensitivity in the fingerprint() build step in Pipeline and other job types. documentation, pull 3915
Allow distinguishing between new projects, disabled projects, and those with aborted builds through differently shaded build balls. pull 3997
Update Windows Agent Installer from 1.10.0 to 1.11, enabling TLS 1.2 on agent downloads when running with .NET 4.6 or newer. JENKINS-51577 , full changelog
Update Winstone-Jetty from 5.2 to 5.3 to update Jetty to 9.4.18. pull 4016, full changelog, Jetty 9.4.18 changelog, Jetty 9.4.17 changelog, Jetty 9.4.16 changelog
Developer: Make UserSeedProperty available to plugin developers. pull 4018
Developer: Add support for titleClassMethod (from symbol-hetero-list in Pipeline) to f:hetero-list. JENKINS-56379

Bug fix

Restore Chinese localized resources used by the setup wizard. (regression in 2.176) JENKINS-57412
Robustness: Do not put agent offline for runtime exceptions in ComputerListener#onOnline(). JENKINS-57111
Do not record fingerprints for files not included in archived artifacts due to exclude filter. JENKINS-41696

Major enhancement

Some plugins would fail in 2.175 with an error related to serialization of FilePaths. This is now downgraded to a warning. Plugin updates should still be applied to correct the underlying mistake. JENKINS-57244

Enhancement

Add stop-job CLI command which allows aborting builds. JENKINS-11888
Update Remoting from 3.29 to 3.30 to fix a few minor issues. JENKINS-51004 , JENKINS-57107 , JENKINS-46515 , full changelog
Migrate all Chinese localization resources into Localization: Chinese (Simplified) plugin. pull 4008
Developer: include generated source files of CLI module in the classpath. pull 4006

Bug fix

NodeListener#onCreated was called when Jenkins#addNode or Nodes#addNode actually replaced an existing node. JENKINS-57273

Enhancement

Update status icon of a build when the build is finished JENKINS-16750
The Plugin Manager now provides easier selection for applicable plugin updates with options to select "All", "Compatible" or "None". The selection of "Compatible" plugins (previously "All") has been fixed to exclude all that contain any compatibility warnings. JENKINS-56477
Remove misleading references to Java Web Start and JNLP from GUI surrounding inbound Jenkins agents. pull 3998
Re-enable Stapler request dispatching telemetry. pull 3999
Ensure that Remoting objects are being serialized only through Remoting channels. Certain classes which were never designed for persistence in XML will no longer be serialized to disk: FilePath, [Stream]TaskListener, and ProcessTree. JENKINS-47896
Developer: Make ${port} be honored by mvn -f war hudson-dev:run. pull 3984

Bug fix

Fix some errors seen in the Linux agent installers. JENKINS-57071
Make Debian/Ubuntu launcher script work with Java 11. JENKINS-57096

Bug fix

Renaming an agent retained old agent configuration, causing it to re-appear on restart. JENKINS-56403

Enhancement

Nested views are now searchable by name. JENKINS-43322

Major enhancement

Remove built-in support for CCtray (cc.xml) files. To restore this feature, install the CCtray XML Plugin. JENKINS-40750

Enhancement

Adjust stream flushing behavior for code running remotely on agents for better performance. This may lead to loss of messages for plugins which print to a build log from the agent machine but do not flush their output. Use -Dhudson.util.StreamTaskListener.AUTO_FLUSH=true to restore the previous behavior for freestyle builds. Note that Pipeline builds always expect remote flush. pull 3961
Add a button to copy new API tokens to the clipboard. JENKINS-56733
Developer: Update Stapler from 1.256 to 1.257 to add support for loading localized webapp resources from any plugin. Add jenkins.PluginLocaleDrivenResourceProvider interface for plugins to participate in localized resource lookup. JEP-216, full changelog
Developer: SystemProperties may now be used from agent-side code. See SystemProperties#allowOnAgent. pull 3961
Developer: Add LineTransformationOutputStream#Delegating for convenience. pull 3959
Developer: hudson.util.ssh.SFTPClient was removed. Use com.trilead.ssh2.jenkins.SFTPClient from the Trilead SSH library instead. JENKINS-56166
Internal: Update commons-beanutils from 1.8.3 to 1.9.3. pull 3948

Bug fix

Make form submit buttons on the Jenkins classic UI compatible with potentially upcoming Firefox bug fix. JENKINS-53462 , Firefox bug 1370630
Do not offer a workspace lease to a new build if it is already in use by a (Pipeline) build running across an agent reconnection. JENKINS-50504
Remove Mailer related localized strings from core. Make sure you use Mailer Plugin 1.23. JENKINS-55292
Properly flush output from the Maven console annotator. JENKINS-56995

Security

Security fixes. security advisory

Enhancement

Expose the minimum supported version of remoting to allow future releases to reject incompatible agent connections. JENKINS-50095
Developer: Add Jelly UI component f:secretTextarea for multi-line secrets analogous to f:password for single-line. pull 3967, Storing Secrets in Jenkins
Developer: Deprecated Run.getLogFile(), as it is not compatible with JEP-210. pull 3963

Bug fix

The setup wizard did not properly escape passwords, resulting in errors with certain special characters. JENKINS-56856
Revert accidental change to hashCode computation of jenkins.util.TreeString in 2.168. pull 3930

Major enhancement

Remove misleading nonStoredPasswordParam symbol for password parameter definitions, since it's actually stored encrypted. JENKINS-56776

Bug fix

Corrupted console notes could cause an uninformative NegativeArraySizeException to be thrown from ConsoleNote#readFrom and build log display to be broken. JENKINS-45661

Enhancement

Update Winstone from 5.1 to 5.2 to make HTTPS cipher exclusions configurable. JENKINS-56659 , JENKINS-56591 , full changelog
Add the run parameter filter value to REST API responses. JENKINS-56554

Bug fix

Fix highlighting of table entries when using checkboxes on the Legacy API Token usage page. pull 3932

Enhancement

Mobile friendly layout of the login, loading and restart screens. JENKINS-56398
Inform administrators about potentially unsafe permissions setup involving builds running as the virtual SYSTEM user. JENKINS-24513
Developer: StringParameterValue.getValue() now returns a String avoiding an unnecessary cast. pull 3146

Bug fix

Workspace and artifacts browsing did not work on Windows Server 2016 with Microsoft Docker. (regression in 2.154) JENKINS-56114

Bug fix

Actually show spinner when select tries to load an async request. JENKINS-42443

Enhancement

Add a log message to build logs when builds run with the virtual SYSTEM authentication. pull 3908

Enhancement

Add support for turning off a log recorder in the logger configuration. JENKINS-56200
Replace Trilead-SSH implementation of SSH key loader in CLI with Apache Mina. JENKINS-56167
Developer: Update Localizer library from 1.24 to 1.26 allowing plugins to override the lookup for localized resource files. pull 3896, JEP-216, full changelog
Internal: Update Jenkins Test Harness from 2.46 to 2.47. pull 3912

Bug fix

Prevent NullPointerException when discarding unreadable fingerprint data. JENKINS-43218
Avoid deserialization errors with EnvVars in rare circumstances by adding a stable serialVersionUID. JENKINS-56161

Major enhancement

Support for the Remoting mode of the CLI (-remoting option) has been removed. pull 3838, announcement blog post

Enhancement

Developer: Some public classes and methods which were already deprecated as specific to Remoting mode of the CLI have been removed, though those likely to be used by plugins have been retained for compatibility. pull 3838
Internal: Replace Trilead SSH implementation of base64 with the JDK implementation. JENKINS-43780

Enhancement

Make the plugin manager robust against Java version specification format mismatches while comparing versions (esp. after Java JEP 223). JENKINS-55980
Reduce the performance impact of the SECURITY-904 fix when downloading artifacts or workspaces as ZIP file. JENKINS-55050
Update Remoting from 3.28 to 3.29 to add a missing log call for severe protocol failures. JENKINS-55976 , full changelog
Jenkins now uses the standard update center by default when running with Java 11. JENKINS-55085
Update Executable WAR from 1.44 to 1.45 to allow running Jenkins with Java 11 without setting the --enable-future-java flag or corresponding system property. JENKINS-52285 , full changelog
Developer: Improve discovery and readability of WebClient most popular options. JENKINS-53511

Bug fix

Update SSHD Module from 2.5 to 2.6 to apply a proper Apache Mina idle timeout value when a custom value was set using the org.jenkinsci.main.modules.sshd.SSHD.idle-timeout system property. JENKINS-55978 , full changelog
Suppress error message when first viewing the agent-to-controller security configuration page. JENKINS-55936
Fix log message when the built-in node runs out of disk space and is taken offline. JENKINS-55738

Major enhancement

Support running Jenkins WARs on Java 11 without downloading JAXB JARs. A new JAXB plugin is marked as a detached one when running with Java 11 or higher. JENKINS-55681 , pull 3711, plugin page

Enhancement

Report names of items being deleted in confirmation dialogs. JENKINS-55848
Replaced text references to slave with agent in various log entries and built-in help pages JENKINS-51320
Improve diagnostics of missing Old Data Administrative Monitor. pull 3240, related issue

Bug fix

Prevent a potential startup deadlock situation in extension loading. pull 3828, JENKINS-55361 , JENKINS-54974 , JENKINS-50663 , JENKINS-44564 , JENKINS-31622
Improve robustness of the partial page refresh logic when Jenkins is not available. JENKINS-53077
Prevent NullPointerException in Run Parameter for jobs in rare race condition cases. JENKINS-47530
Prevent NumberFormatException when a symbolic link is published as an artifact. JENKINS-55049
Prevent NullPointerException when a fingerprint is loaded from a corrupted XML file without the usages section. JENKINS-49588

Major bug fix

Jenkins did not use the configured proxy credentials for authentication unless they were saved since Jenkins was started. (regression in 2.152) JENKINS-54903

Enhancement

The list-jobs no longer lists items recursively when listing a specific folder. JENKINS-48220
Replace deprecated Warnings and Checkstyle plugins with Warnings Next Generation Plugin in installation wizard. pull 3857
Do not print a warning about a changed workspace location on every startup when using the system property jenkins.model.Jenkins.workspacesDir. JENKINS-53284
Internal: Optimization in the method to read a remote file as text. pull 3862
Internal: Add smoke-test JUnit category. To only run these tests, mvn -P smoke-test. JENKINS-53935

Enhancement

Update Windows Service Wrapper from 2.1.2 to 2.2.0 and Windows Agent Installer from 1.9.3 to 1.10.0 to support disabling, renaming and archiving service logs. pull 3854, Windows Service Wrapper changelog, Windows Agent Installer Module changelog
Update Executable WAR from 1.41 to 1.44, allowing use of JENKINS_ENABLE_FUTURE_JAVA environment variable as an alternative to the --enable-future-java CLI switch. pull 3847
Developer: Add SecurityListener#userCreated API to inform about user account creation in the Jenkins user database security realm. pull 3825
Developer: Deprecate ParserConfigurator. pull 3852
Internal: Update frontend-maven-plugin from 1.4 to 1.6. pull 3830

Bug fix

Overhaul file deletion related code to be more reliable. JENKINS-55016 , JENKINS-55448 , JENKINS-55450
Improve robustness of console annotators such as the Timestamper plugin in conjunction with certain Pipeline steps such as git on an agent with an old agent.jar. JENKINS-55257

Security

Important security fixes. security advisory

Enhancement

Invalidate sessions and CLI authentication caches when changing the user password in the Jenkins user database.

Major bug fix

Fixed issue that prevented Jenkins from deleting files in many cases. (regression in 2.157) JENKINS-55448

Enhancement

Add support for plugins declaring a minimum Java version in manifest, showing warnings and refusing to load plugins with unsatisfied dependencies. Plugins should use the plugin POM 3.31 or newer to make use of this. JENKINS-55048

Enhancement

Update Trilead SSH library to add support for OpenSSH keys with AES256-CTR encryption. JENKINS-47603 , JENKINS-47458 , JENKINS-55133 , JENKINS-53653
Internal: Update parent POM from 1.50 to 1.51. pull 3829, changelog
Internal: update build-helper-maven-plugin from 1.7 to 3.0 to make Jenkins more easily importable in Eclipse IDE. pull 3831

Bug fix

Restarting and Loading pages did not get CSS resources from the correct URL when using a context path. JENKINS-55062

Bug fix

User account creation by administrators did not show error messages when it failed. (regression in 2.129) JENKINS-52869
Fix java.lang.IllegalStateException that could occur in rare cases on Jenkins startup. JENKINS-55197 , JENKINS-55070
Attempt to prevent NoClassDefFoundError: javax/servlet/ServletException under some conditions on agents. JENKINS-26677

Enhancement

Update Remoting from 3.27 to 3.28 to fix some minor issues and enhance NO_PROXY options. full changelog, JENKINS-47977 , JENKINS-48778 , JENKINS-49987 , JENKINS-50730 , JENKINS-51108 , JENKINS-54005
Replace the Flash implementation of the "copy to clipboard" feature with the native JavaScript equivalent. JENKINS-54933
Developer: Login and signup pages redesigned in 2.129 now can receive style contributions (footer view for SimplePageDecorator) from multiple plugins. JENKINS-54325

Major enhancement

Java 11 Support Preview is available starting from this version JENKINS-52012 , Announcement and run guidelines

Enhancement

When running on Java 11, Jenkins by default is now using an update center with alpha/beta plugin releases that require Java 11. JENKINS-55080 , Experimental Update Center for Java 11 in JEP-211
Update SSHD Module from 2.4 to 2.5 to add support for the EdDSA signature algorithm. JENKINS-45318 , SSHD Module changelog
Internal: update parent POM from 1.49 to 1.50 to get the SUREFIRE-1588 workaround. Parent POM changelog, SUREFIRE-1588

Bug fix

Unix process manager and Agent Java Web Start UI now check the current Java version based on java.specification.version. JENKINS-55076

Security

Important security fixes. security advisory

Enhancement

Add support for the ed25519 key algorithm in Jenkins CLI. JENKINS-45318
Do not show the Launch agent from browser button (Java Web Start) if Jenkins is running on Java 11. JENKINS-52282

Bug fix

Do not hide newer releases of plugins from secondary update sites. JENKINS-45235
Check hudson.PluginManager.checkUpdateAttempts system property instead of hudson.PluginManager.CHECK_UPDATE_ATTEMPTS. JENKINS-54731 , JENKINS-54459

Bug fix

Revert compatibility fix for future releases of Firefox due to regressions it caused since 2.148. JENKINS-54261 , JENKINS-54333 , JENKINS-54570
Do not cache CSS/JS resource files for console annotations like Timestamper Plugin across Jenkins restarts. JENKINS-38719
In some cases, HTTP proxies with authentication did not work for HTTPS URLs. JENKINS-48775

Enhancement

Improve robustness when checking for updates. Add hudson.PluginManager.checkUpdateSleepTimeMillis and hudson.PluginManager.CHECK_UPDATE_ATTEMPTS system properties to adapt to unreliable networks. JENKINS-54459 , Jenkins features controlled by system properties
Add support for killing child processes on AIX. JENKINS-16867
Only select compatible plugin updates when clicking Select All below the list. JENKINS-20155
Internal: Upgrade the Maven Jenkins Dev plugin from 9.4.5.v20170502 to 9.4.12.v20180830 to align it with the Jetty version. JENKINS-54599
Internal: Update Jenkins Test Harness from 2.36 to 2.41.1 to allow running tests with JDK11. JENKINS-53863 , changelog
Internal: Introduce a new submodule for JDK8-only tests so that it is possible to run tests against codebase removed from JDK11. JENKINS-53716

Enhancement

Add a new CLI command disable-plugin to disable one ore more installed plugins and optionally restart Jenkins. JENKINS-27177
Add new category Languages to the plugin wizard, which automatically installs available localization plugins based on browser language. pull 3626
Update Windows Agent Installer from 1.9.2 to 1.9.3 to reduce remote class loading when not actually using Windows. pull 3723, Windows Agent Installer changelog

Bug fix

Avoid Premature EOF error when using the shutdown CLI command. JENKINS-49196
Prevent Stream is closed error in case a CLI command finishes before the input is entirely read. JENKINS-54310

No notable changes in this release.

Enhancement

Do not submit telemetry if there's no relevant data. JENKINS-54137
Use per-trial correlation IDs for telemetry submissions. JENKINS-54136

Bug fix

Fix concurrency bug that caused requests to hang since 2.147. JENKINS-54135
When using elastic agents (clouds), agent JVMs could be incorrectly relaunched and never terminated. pull 3701

Bug fix

Make form submit buttons on the Jenkins classic UI compatible with potentially upcoming Firefox bug fix. JENKINS-53462 , Firefox bug 1370630

Major enhancement

Update Winstone-Jetty from 5.0 to 5.1 to update Jetty to 9.4.12, picking up TLS 1.3 support and fixes towards Java 11. JENKINS-51805 , JENKINS-53929 , Winstone-Jetty changelog, Jetty changelog

Enhancement

Update Stapler from 1.254.2 to 1.255 to integrate a fix related to StaplerProxy#getTarget() return value handling. pull 3690, stapler/stapler#149
Print a warning when the long deprecated method Secret#toString() is being used. pull 3668
Add telemetry trials related to browser languages and Stapler request dispatching. pull 3688, pull 3687, stapler/stapler#148

Security

Important security fixes. security advisory

Major enhancement

Security hardening: Escape variables in Jelly views by default. announcement blog post, LTS upgrade guide, list of affected plugins

Enhancement

Security hardening related to Stapler routing. SECURITY-595 in the 2018-12-05 security advisory
Security hardening related to HTTP verb restrictions for web methods.

Major enhancement

Migrate most Simplified Chinese translations into Localization: Chinese (Simplified) Plugin. pull 3667

Bug fix

Prevent NullPointerException on restart with an undefined update site URL. JENKINS-31448
Fix problems with update center metadata signature check on Java 11. JENKINS-53710
The initial visibility of nested groups of radio buttons did not accurately reflect the current values. JENKINS-48516
Developer: ConsoleAnnotatorFactory mishandled its type parameter, effectively forcing all implementations to use Object or raw types. pull 3662

Enhancement

New JENKINS_USER_ID and JENKINS_API_TOKEN environment variables can be used to configure the CLI authentication. JENKINS-53792
Minor improvements to reduce minimum memory footprint for Jenkins, especially around update center & plugin metadata. pull 3654
Developer: Add overridable Queue.Task#getAffinityKey() to allow consistent hashing for Pipeline builds in the future. JENKINS-36547
Internal: Update META-INF/services generator from 1.4 to 1.8 to fix compilation on JDK 10+. JENKINS-52024 , META-INF/services generator
Internal: Update Parent POM to 1.49 to make the build flow compatible with Java 11. Parent POM changelog

Enhancement

Update jnr-posix to 3.0.45 to prevent Illegal Reflective access warnings when running with Java 11. JENKINS-46725
Update Unix process management logic to support Process Tree termination when running with Java 11. JENKINS-46523
Developer: Introduce getPlatform() and setPlatform() methods in hudson.EnvVars. JENKINS-53721
Developer: Introduce new hudson.Util#fixNull(value, defaultValue) method. pull 3656

Bug fix

Update Remoting from 3.26 to 3.27 to eliminate a potential deadlock. full changelog, JENKINS-53569
Prevent process termination failure when ProcessKiller extension fails with NoClassDefFoundError. JENKINS-53593
Remove unreliable action caching in views so that plugins installed after Jenkins startup can contribute to the UI. JENKINS-53353

Major bug fix

Hyperlinks in build logs for builds run using Jenkins 2.138 or older were not displayed correctly in newer versions of Jenkins. As a side effect of this fix, build logs created with Jenkins between 2.139 and 2.142 (inclusive) will lose the hyperlink metadata. JENKINS-53729

Enhancement

Update Groovy from 2.4.11 to 2.4.12 to pick up fixes towards Java 11 support. JENKINS-52019 , Groovy 2.4.12 changelog
Add extensibility mechanism for anonymous usage statistics with initial implementation collecting information about applied security fix escape hatches. JEP-214
Developer: Add Telemetry extension point. JEP-214
Developer: Update PowerMock and Mockito to versions compatible with Java 11. JENKINS-53693
Internal: Update sezpoz from 1.12 to 1.13 to enable building plugins with JDK 11. JENKINS-52024

Bug fix

Fix a thread safety issue when creating multiple nodes in parallel. JENKINS-53401
Internal: Incorrect API signatures on some classes performing custom deserialization. JENKINS-53608

Bug fix

Improve robustness when search items don't specify a display name. JENKINS-50795
Certain kinds of errors in build console display were being suppressed and ANSI escape sequences displayed instead. pull 3612
Further improvements to not show scroll bar prematurely on long build display names in the sidepanel builds widget. pull 3601

Enhancement

Developer: Make HashedToken and ApiTokenStore Serializable. JENKINS-53561

Major bug fix

Update Winstone-Jetty from 4.4 to 5.0 to fix HTTP/2 support and threading problems on hosts with 30+ cores. JENKINS-53239 , JENKINS-52804 , JENKINS-51136 , JENKINS-52358

Enhancement

Update Remoting from 3.25 to 3.26 to remove some unhelpful warnings. JENKINS-42533 , JENKINS-52945
Wait up to two minutes for process termination before killing it (typically when aborting a build). JENKINS-17116
Reduce logging level of restart and shutdown related notifications from SEVERE to INFO. JENKINS-53282

Bug fix

A configured quiet period was interpreted as milliseconds, instead of seconds. (regression in 2.82) JENKINS-48770

Enhancement

Allow use of the console command with Job/Read permission. JENKINS-52181
Upgrade libpam4j from 1.8 to 1.11. JENKINS-53055
Developer: Add support for the @PostConstruct lifecycle method annotation. JENKINS-52818
Developer: Add interface PersistentDescriptor that allows implementing Descriptors to skip explicit calls to load(). JENKINS-52818

Bug fix

CLI command enable-plugin -restart will no longer restart Jenkins if no plugins were actually enabled. JENKINS-52950
Nested f:repeatable/f:repeatableProperty form elements inherited minimum when they shouldn't. JENKINS-37599
Build logs were not displayed correctly when they contained hyperlinks whose link text contains newline characters. JENKINS-53016

Security

Security fixes. security advisory

Enhancement

Security hardening related to Stapler routing. SECURITY-595 in the 2018-12-05 security advisory

Bug fix

Do not show scroll bar prematurely on long build display names in the sidepanel builds widget. pull 3576

Enhancement

Developer: Downgrade errors about plugin dependency version mismatches to warnings when Maven snapshot versions are involved. Typically only relevant for developers, especially when using incrementals. JENKINS-52665
Internal: Update parent POM. Jenkins now requires Maven 3.5.4 or newer to build. pull 3567

Enhancement

Add a new CLI command enable-plugin to enable one or more installed plugins and optionally restart Jenkins. JENKINS-52822
Update JNA from 4.2.1 to 4.5.2 to add support for s390x, update GNU C minimal requirement to 2.7 on Unix platforms. JENKINS-52771
Developer: Add EnvironmentVariablesNodeProperty#getEnv() for better Configuration-as-Code support. JENKINS-52794

Bug fix

Some types of builds, like pipelines, would sometimes run concurrently even when that was disabled. JENKINS-41127
Legacy API token monitoring did not work correctly for users with id null. JENKINS-52441
Launcher.ProcStarter.stdout(TaskListener) did not properly send its argument over a Remoting channel to an agent. JENKINS-52729

Enhancement

Some deserialization rejections are now logged on WARNING log level, instead of only on FINER. JENKINS-51666
Prevent warnings about deserialization of hudson.model.ParametersDefinitionProperty$1. JENKINS-50457
Developer: Make Jenkins#getInstallState and Jenkins#setInstallState(…) available to plugins. JENKINS-52718

Enhancement

Instruct browsers to not send referrer headers when following links to other sites. pull 3547, referrer policy documentation
Improvements to Chinese localization. pull 3550, pull 3555

Security

Important security fixes. security advisory

Enhancement

Don't log warnings when SHA-256 checksums are provided (but SHA-512 are not) for plugin downloads. pull 3546
Allow java.time.Ser for use in XStream (XML serialization) and Remoting (agent communication). JENKINS-52534

Bug fix

Don't fail to archive artifacts when attributes cannot be preserved, instead log a message and proceed without preserving attributes (regression in 2.120). JENKINS-52325

Enhancement

Add support for Zip files larger than 4 GB (Zip64). JENKINS-52356
Developer: Remove hudson.FilePath#copyFromRemotely(URL) Beta API. JENKINS-52417

Major enhancement

Check SHA-512 or SHA-256 checksums of update site and tool installer metadata and core and plugin downloads if the update site provides them. pull 3356

Bug fix

Improve API token metadata to be able to distinguish between API tokens created today, and whose creation date is unknown (legacy API tokens). JENKINS-52161
Update Remoting from 3.22 to 3.23 to skip TCP Agent Listener port availability check when the -tunnel option is set (regression in Remoting 3.22 and Jenkins 2.129). JENKINS-52204
Instances of some item types could not be renamed (regression in 2.110). JENKINS-52164

Enhancement

Robustness: Don't break queue processing when the configured queue sorter throws exceptions. JENKINS-52159
Update instance identity module from 2.1 to 2.2 to improve Java 11 compatibility. JENKINS-51965 , full changelog

Major enhancement

Replace single per-user API token with new system of multiple, revocable, unrecoverable API tokens with usage tracking. JENKINS-32442 , JENKINS-32776 , blog post

Bug fix

Dynamically loaded plugins now have any PeriodicWork/AperiodicWork extensions scheduled. JENKINS-28683

Enhancement

Upgrade Bytecode Compatibility Transformer from 1.8 to 2.0-beta-2, upgrading ASM from 5.0.1 to 6.2 to improve support of Java 9+ runtimes. JENKINS-51837 , supported Java versions
Upgrade Remoting from 3.21 to 3.22 to have agents check availability of the controller's TCP Agent Listener port when connecting over TCP. JENKINS-51818 , Remoting 3.22 changelog
Update Executable WAR from 1.40 to 1.41 to link the Jenkins Java support policy and to fix reflection warnings when running on Java 9+ (experimental support). JENKINS-51994 , JENKINS-46622 , Executable WAR 1.41 changelog, supported Java versions
Developer API: Remoting 3.22 now offers a new Channel#readFrom(Channel, byte[]) method for a standardized command deserialization from the channel. JENKINS-51841

Major enhancement

Redesigned login, signup, and Jenkins is (re)starting pages. Existing page decorators like Simple Theme Plugin will no longer work with these redesigned pages. JENKINS-50447 , announcement blog post
The deprecated Jenkins CLI Protocol versions 1 and 2, and Java Web Start Agent Protocol versions 1, 2, and 3 have been disabled. If you still use these protocols (e.g. remoting-based CLI, or old agent.jars on agents), you need to re-enable these protocols after upgrade, or upgrade the clients. The same recommendations as in The 2.121.x upgrade guide for remoting changes apply here. JENKINS-48480

Enhancement

Upgrade Winstone from 4.3 to 4.4 to update Jetty from 9.4.8.v20171121 to 9.4.11.v20180605. pull 3497, full changelog, Jetty 9.4.11 changelog, Jetty 9.4.10 changelog, Jetty 9.4.9 changelog
Jenkins remote API: Export fingerprints for builds which do not derive from AbstractBuild, like Pipeline builds. JENKINS-51667
Stop using deprecated com.google.common.io.NullOutputStream from Guava to avoid binary conflicts with plugins bundling newer Guava versions (regression in 2.127). JENKINS-51889
Developer: Introduce SimplePageDecorator extension point, which allows decorating the redesigned login page. announcement blog post

Bug fix

Developer API: Prevent NullPointerException in SlaveComputer#setChannel(Channel,OutputStream,Channel.Listener) with null OutputStream. JENKINS-51955
Developer API: StreamTaskListener#getCharset() now returns the default charset when it is not configured. JENKINS-51971

Major enhancement

Optional extensions are now loaded without requiring to restart Jenkins after installing an optional dependency. JENKINS-50336

Enhancement

Update Remoting from 3.20 to 3.21 to apply logging enhancements and better no_proxy support. JENKINS-51223 , JENKINS-50965 , JENKINS-51551 , Remoting 3.21 changelog
Add modification timestamp to files in directory browser views such as archived artifacts and workspaces. JENKINS-20998
Improve diagnostics of corrupted plugin archives during plugin dynamic loading. JENKINS-51608
Update Executable WAR from 1.39 to 1.40 to allow running Jenkins with incompatible (too new) Java versions by setting the --enable-future-java flag. JENKINS-51155 , Executable WAR 1.40 changelog
Developer: PermissionGroups now expose their IDs to Java API. JENKINS-51598
Developer: ComputerLauncher implementations can now set channels with a custom CommandTransport implementation. JENKINS-51541
Developer/Internal: Remove use of a Guava method deleted in later versions, which could cause problems for plugins running functional tests. JENKINS-51779

Bug fix

Have the setup wizard propose a root URL ending with a slash as is necessary. JENKINS-51660
Fix a potential deadlock between queue maintenance and asynchronous execution. JENKINS-46248
Security hardening: Prevent files in tar archives from being written to a path outside the destination directory. JENKINS-51777
If using the Artifact Manager on S3 plugin with the (non-default) option to delete artifacts, they were not deleted when the entire build was deleted. JENKINS-51819
Prevent Enter resulting in a broken presentation of the setup wizard. JENKINS-51816

Enhancement

Robustness: A buggy ComputerListener#onConfigurationChange implementation should not block Jenkins startup. JENKINS-50217
Diagnostics: Log stack traces in JEP-200 rejection messages when jenkins.security.ClassFilterImpl logging level is FINE or above. JENKINS-51355
Developer: Make various form validation related attributes in Jelly form taglib explicitly available. pull 3470

Bug fix

Copying Run parameters did not work as expected as RunParameterDefinition#copyWithDefaultValue called the wrong constructor. JENKINS-51650
Actions created from a TransientActionFactory that got attached to an item in the queue are no longer persisted, which could previously lead to duplicate actions shown for builds. JENKINS-51584
Do not attempt to disconnect offline computers for not responding. JENKINS-20272
Restore implied dependency on JDK Tool Plugin from Apache HttpComponents Client 4 API Plugin to fix dependency problems. JENKINS-51483
Fix behaviour of Advanced button when a section element is nested inside. JENKINS-14632
Do not duplicate caller stack trace when FilePath#act fails. JENKINS-51082

Enhancement

Export path to agent file system root directory in remote API. pull 3206
Do not remove workspaces for projects with builds in progress. JENKINS-27329

Major bug fix

Fix release process issue that resulted in 2.123 not being properly released. pull 3452

Enhancement

Upgrade Winstone from 4.2 to 4.3, adding an option to enable JMX when running Jenkins using java -jar jenkins.war. pull 3422, full changelog, JMX Documentation for Jetty, full list of options
Improve Jenkins root URL validation. JENKINS-51158

Bug fix

Prevent unhandled ClassCastException when loading fingerprints from corrupted files. JENKINS-51179

Enhancement

Faster list rendering of Plugin Manager » Available. JENKINS-51205
Improve Chinese translation. pull 3423, pull 3440
Internal: Various improvements related to incremental Maven releases. JENKINS-51187 , JENKINS-51247 , pull 3430, JEP-305

Security

Important security fixes. security advisory

Major enhancement

The Job/Build permission no longer implies the Job/Cancel permission. The latter needs to be granted explicitly to users who previously got it via this relationship. JENKINS-14713

Major bug fix

Fix issue preventing process killing vetoes being effective on agents. JENKINS-9104 , ProcessKillingVeto extension point implementations

Enhancement

Allow additional administrative monitors to be dismissed directly from their warning messages. pull 3416
Make fingerprint logs less verbose. JENKINS-50412
Internal: Add support for incremental Maven releases. JEP-305
Internal: Further simplify storage of the Jenkins setup wizard’s installation state. pull 3405
Developer: Extend ClassFilterImpl#isLocationWhitelisted Maven-oriented exclusions to plugin under test during Gradle builds. JENKINS-51062

Bug fix

Be more lenient when validating the root URL (regression in 2.119). JENKINS-51064
Archiving artifacts now preserves file permissions and last modification time. JENKINS-13128
Don't extract files from plugin archives to outside their destination directory. JENKINS-32778

Enhancement

Ensure as much as possible that the Jenkins root URL is defined by adding a new setup wizard page and an administrative monitor. JENKINS-31661
Default Crumb Issuer proxy compatibility can be enabled on first startup by setting the system property jenkins.model.Jenkins.crumbIssuerProxyCompatibility to true on startup. JENKINS-50767 , Jenkins features controlled by system properties
Remove the options to define custom Build Record Root Directory and Workspace Root Directory on the Configure System form to prevent unexpected failures during runtime. Instead, these locations can now be customized using system properties on startup. JENKINS-50164 , Jenkins features controlled by system properties
Allow java.util.EnumMap and org.jruby.RubyNil for use in XStream (XML serialization) and Remoting (agent communication). JENKINS-50939 , JENKINS-50616
Developer: Add a new overload for HttpResponses#errorJSON. pull 3082

Enhancement

Update Remoting from 3.19 to 3.20 in order to refresh the code signing certificate. pull 3398, full changelog

Bug fix

Update WinP from 1.25 to 1.26 to fix loading of WinP libraries on Windows inside Weblogic web container. JENKINS-48347 , full changelog

Major enhancement

Developer: JEP-202: Extend VirtualFile API to streamline external artifact storage. API additions are marked beta and may change at any time. JEP-202, pull 3302

Enhancement

Update Winstone from 4.1.2 to 4.2 to update Jetty from 9.4.5 to 9.4.8 for various bugfixes and improvements. full changelog, Jetty 9.4.6 changelog, Jetty 9.4.7 changelog, Jetty 9.4.8 changelog
Improve Chinese translation. pull 3368, pull 3385, pull 3386, pull 3387, pull 3391
Internal: Add new update center root CA certificate. Help desk issue 1236

Bug fix

Don't log null pointer exceptions on some forms with validation button (regression in 2.116). JENKINS-50748
Make the logic for adding nodes atomic, so that if a newly added node fails to be persisted it will not exist in a partly-initialized state. JENKINS-50599

Security

Security fixes. security advisory

Enhancement

Sort nodes matching labels on UI. JENKINS-25910
Internal: Run threadPoolForRemoting threads in the context of the SYSTEM user to be consistent with executor threads. JENKINS-50296
Developer: Add new overloads for HttpResponses#errorJSON. pull 3379

Enhancement

Introduce hudson.triggers.SafeTimerTask.logsTargetDir system property to write logs usually written to $JENKINS_HOME/logs to another location. JENKINS-50291
Update Executable War from 1.38 to 1.39 to remove an irrelevant warning on Jenkins startup. JENKINS-50439
Internal: Minimize visibility of readResolve methods. pull 2567

Bug fix

Make Cancel Shutdown link in side panel work without requiring the page to be reloaded. JENKINS-44402
Prevent f:combobox input fields from breaking customized form submission handlers. JENKINS-21613
Fix a race condition in the Setup Wizard that could lead to it being skipped on the first startup when groovy scripts or init scripts are pre-installed. JENKINS-49401

Major enhancement

Update Remoting from 3.18 to 3.19 so that Jenkins core can always deserialize exceptions even if they're not permitted. To benefit from this improvement, Remoting needs to be updated on the agent side as well. JENKINS-50237 , JENKINS-49618 , full changelog

Bug fix

JEP-200: Allow org.apache.tools.ant.Location deserialization to prevent exception when listing agent files in non-existent directory or invalid filter. JENKINS-50237
Prevent some cases of linkage errors relating to Servlet classes when code is run on an agent. JENKINS-46386
Allow users without Overall/Read access to use the who-am-i and logout commands. JENKINS-50324

Enhancement

Show more entries in the search results dropdown and search results page. JENKINS-47020

Major enhancement

Install from java.sun.com installation method for JDK tools has been moved to a new JDK Tool Plugin. JENKINS-22367
Update Remoting from 3.17 to 3.18 in order to apply various performance and diagnosability improvements, such as logging warnings when anonymous classes are serialized over a Remoting channel. JENKINS-49415 , JENKINS-49472 , JENKINS-48561 , JENKINS-49994

Enhancement

Allow use of lists of options as provided by the Pipeline snippet generator for choice parameters. JENKINS-26143
Use case-insensitive autocompletion for item selection dialogs if the current user prefers case-insensitive search. JENKINS-38812
Better autocompletion for loggers supporting multiple tokens and proposing useful parent loggers. pull 3345
Internal: Move "Submit" button localization from various forms to the button control. pull 3319

Bug fix

Restore serialVersionUID of AbstractTaskListener (regression in 2.91). JENKINS-50124

Enhancement

Pipeline builds could not be started if the Authorize Project plugin was configured to associate the build with a user to whom the authorization strategy was configured to deny Agent/Build permission on the built-in node. JENKINS-46652
Reduce memory footprint of jenkins.model.lazy.AbstractLazyLoadRunMap#search in descending order. JENKINS-50056
Update Executable War from 1.37 to 1.38 to show an error when an attempt is made to run Jenkins on Java 9. JENKINS-49737 , full changelog
Developer: Introduce hudson.util.TextFile#linesStream for file stream processing with proper error propagation. pull 3211, pull 3340
Internal: Choose more mnemonic artifactIds for modules not consumed externally. pull 3311

Major bug fix

Display estimated remaining time again for Pipeline jobs (regression in 2.92). JENKINS-48821

Bug fix

Revert update of PrototypeJS in 2.110 due to regression. JENKINS-49968
Do not show an error message when renaming an item before changing the name. JENKINS-49906
Improve robustness in case a build with parameters was stored with a null list of parameters. JENKINS-39495
Setup wizard did not properly display form validation errors in "Create First Admin User" form. JENKINS-45387
Prevent FileNotFoundException in hudson.Util#loadFile in case of race condition. JENKINS-49971
Ignore misplaced config.xml file directly in users/ directory. JENKINS-32599

Major enhancement

It is no longer possible to rename jobs from their configuration page. Jobs now have a link in the side panel titled "Rename" that links to a page specifically dedicated to renaming jobs. JENKINS-22936
Developer: Subclasses of AbstractItem can implement AbstractItem#isNameEditable and return true to get automatic support for renames. Subclasses are also able to dynamically validate renames by implementing AbstractItem#checkRename. JENKINS-22936

Enhancement

Show the "Add" button in lists of tool installations also on the top. JENKINS-43581
Add ConcurrentLinkedQueue to white-listed classes for use in XStream (XML serialization) and Remoting (agent communication). JENKINS-49788
Issue warnings to the system log when attempts are made to use classes with unpredictable names and serial forms (such as anonymous classes) in Remoting or XStream (de)serialization. JENKINS-49795
Developer: Add support for also showing the "Add" button on top for lib/form/repeatable Jelly controls when the enableTopButton attribute is set to true. pull 2926
Internal: Upgrade PrototypeJS 1.7.0 to 1.7.3. JENKINS-49319 , PrototypeJS blog/changelog
Internal: Improve the implementation of Util#createTempDir. pull 3226

Bug fix

Make JEP-200 serialization allowlist more reliable on old versions of Tomcat 8. JENKINS-49543
Clean up the build.xml files of parameterized projects that contained unnecessary serialized data. JENKINS-49795
Upgrade Winstone from 4.1.0 to 4.1.2 to prevent User session memory leak by setting the default idle session eviction timeout to 30 minutes. JENKINS-49596 , full changelog
Make proxy views work inside folders. JENKINS-49642
Prevent NullPointerException in AbstractProject#checkout when the agent disconnects during a build. JENKINS-29470
Internal: Make Apply buttons localizable. pull 3287

Enhancement

Periodically persist the build queue so it can be restored on abnormal process termination. JENKINS-30909
Add agent symbol for a permanent agent in Structs Plugin based configuration. JENKINS-49661
Match more date formats for sortable tables. pull 3125

Bug fix

Prevent NullPointerException when saving a parameterized job without parameters defined. JENKINS-46638
Don't link to a non-existing user profile from the build log of a build started by an anonymous user. JENKINS-48467

Enhancement

Always show the built-in node in the executors widget, even when it is offline. JENKINS-34712
archiveArtifacts in a Pipeline failed to throw a normal exception when there were no matches. JENKINS-47142
Update Apache Mina SSHD Core from 1.6.0 to 1.7.0 in CLI client. JENKINS-49565 , changelog
Extensibility: Allow SecurityRealm and AuthorizationStrategy implementations to be hidden on Configure Global Security form using DescriptorVisibilityFilter. JENKINS-49044

Bug fix

Don't show input validation errors in optional numeric form fields (regression in 2.105). JENKINS-49387 , JENKINS-49520
Fix translation of 'sign up' in Dutch, used to be 'sign in'. JENKINS-49498

Security

Important security fixes. security advisory

Enhancement

Security hardening to prevent problems like SECURITY-624 in the future. 2017-12-05 security advisory, Ant Plugin fix in 2018-01-22 security advisory

Enhancement

Update Remoting library from 3.16 to 3.17 to improve diagnostic logging for channel read/write events and JEP-200 related class filtering. JENKINS-27035 , JENKINS-49027 , full changelog
Integrate SSHD module 2.4 which updates Apache Mina SSHD Core from 1.6.0 to 1.7.0. pull 3278, SSHD module changelog
Internal/API: Add DataBoundConstructor to LegacySecurityRealm to facilitate reflective instantiation in Jenkins-related tools and frameworks. pull 3279

Enhancement

When Jenkins fails to load plugins, show failures that users need to take action on separate from those due to other plugins failing to load. pull 3256
Upgrade Executable War from 1.36 to 1.37 to allow supplying jenkins.war command-line arguments via standard input using the --paramsFromStdIn parameter. pull 3223, documentation
Jenkins now creates XML 1.1 files to be more accepting of unusual contents. JENKINS-48463
Developer: Introduce ACL#lambda convenience method. pull 3260, Javadoc

Bug fix

Form validation for number of executors now properly shows validation errors and user-friendly message on form submission. JENKINS-47793
Ensure that threads for background tasks cannot be created with a custom classloader to prevent possible Groovy memory leaks. JENKINS-49206
Upgrade Executable War from 1.36 to 1.37 to prevent multiple copies of winstone-*.jar in the temp folder from using up disk space needlessly. JENKINS-22088
Update to task reactor version 1.5 to prevent hanging of Jenkins on startup/reload when an initialization task throws an unhandled exception. JENKINS-48725 , full changelog

Enhancement

Permit additional safe Java platform types for use in XStream (XML serialization) and Remoting (agent communication). pull 3251, pull 3252, pull 3253, JENKINS-49070 , JENKINS-49071
Remove support for unbounded number of SCM polling threads. Previously, the default was infinite and could be set to between 10 and 100. Existing installations with unbounded SCM polling threads will now use the default of 10, and it is no longer possible to use a value outside of this range. pull 3258
Define a minimum required version of the Remoting library (agent communication) and print warnings when an older version is connecting. pull 3250
Improve robustness in case of faulty SCM#guessBrowser implementations. pull 3267
Improve error message when failing to read some files to actually mention the file name. JENKINS-49060 , JENKINS-49112

Bug fix

Restore Manage Jenkins submenu in the context menu accessible from the breadcrumb (regression in 2.103). JENKINS-49129
Fix MalformedInputException or UnmappableCharacterException when reading the log file after finishing a build (regression in 2.102). JENKINS-49112
Jenkins 2.102 and later could fail to start or run properly when loaded inside certain containers, including old versions of Tomcat. JENKINS-49147
Don't attempt to export information about arbitrary offline causes as part of the /computer/(name)/api output, which could result in errors. JENKINS-24452

Enhancement

Permit additional safe types for use in XStream (XML serialization) and Remoting (agent communication). JENKINS-48946 , JENKINS-49000 , JENKINS-49025
Re-style the Manage Jenkins page, including administrative monitors. JENKINS-43786 , blog post
Make Blue Ocean work on Wildfly by excluding its outdated Jackson implementation from the Jenkins class path. JENKINS-48957
Developer: Improve detection of current plugin's or test's classes for exclusion from JEP-200 filtering. pull 3237

Bug fix

Do not downgrade detached plugins when upgrading Jenkins while its previous version was not properly recorded. JENKINS-48899
Restore file permissions granted to group and other for file created by Jenkins (regression in 2.93). JENKINS-48407
Fix a race condition in Initializer implementations creating Items that resulted in their deletion. JENKINS-47406
A ClassCastException or NoSuchMethodException could under certain circumstances mask the actual error when loading erroneous data from an XML file. JENKINS-49054
Properly add apostrophes to several localized strings that were missing them before. pull 3203

Major enhancement

Switch Remoting/XStream denylist to an allowlist. JENKINS-47736 , upgrade guidelines for admins and plugin maintainers, list of affected plugins

Enhancement

Update Jenkins Remoting from 3.15 to 3.16. full changelog, JENKINS-47736 , JENKINS-48686
Limit which section headers are added to the breadcrumb config outline. JENKINS-48773
Reduce memory consumption for concurrent jobs when retrieving cause of blockage. pull 3227
Introduce new hudson.lifecycle.ExitLifecycle to exit instead of restart. JENKINS-47043 , Jenkins features controlled by system properties
Developer: Add a constructor to ToolDescriptor so that subclasses are not required to be an inner class of their Describable. pull 3220

Bug fix

AtomicFileWriter was not fully atomic. Now it uses a FileChannel internally and forces a disk sync when committing. JENKINS-34855

Enhancement

Log EOF exceptions on a FINE level instead of WARNING when the Jetty connection is closed by peer. pull 3214
Improve Chinese and French localizations. pull 3209, pull 3204, pull 3216, pull 3179

Bug fix

Fix HTTP 404 error when clicking on New View sidebar link from another view. JENKINS-48447

Major bug fix

Restore binary compatibility with agents running Remoting versions older than 3.15 (regression in 2.98). JENKINS-48761 , JENKINS-48754 , Retrospective thread in the developer mailing list

Major bug fix

Updating Jenkins jobs and views by XML left fields at their old value if not defined in the new XML. JENKINS-21017

Major enhancement

Update Remoting from 3.14 to 3.15 to fix several issues. full changelog, JENKINS-37566 , JENKINS-37670 , JENKINS-38696 , JENKINS-46724 , JENKINS-47965 , JENKINS-48055 , JENKINS-48130 , JENKINS-48133 , JENKINS-48309

Bug fix

Make the system property hudson.consoleTailKB actually work. JENKINS-48593 , Jenkins features controlled by system properties

Enhancement

Developer: Jenkins#getInstance() is now deprecated as its semantics have been a source of confusion for some time. Use #get() in typical cases and Jenkins#getInstanceOrNull() in rare cases (see Javadoc). JENKINS-48638

Major bug fix

Fix regression in 2.96 that caused a downgrade of Script Security when upgrading Jenkins. JENKINS-48604

Major bug fix

Make sure detached plugins (plugins whose functionality used to be part of Jenkins itself) are installed when upgrading Jenkins past the version at which the plugin was detached. JENKINS-48365

Enhancement

Do not require CSRF crumb to be provided when the request is authenticated using API token. JENKINS-22474
Improve robustness and error handling of various file operations by switching to NIO. JENKINS-47324 , JENKINS-48405
Improve Chinese translation. pull 3176
Developer: Capture more authentication-related events in SecurityListener. JENKINS-27027
Developer: Deprecate hudson.util.Service in favor of Java's ServiceLoader. pull 3191
Developer: Introduce Cause.UserIdCause(String) constructor, which allows creating causes for specified users without switching the user context. pull 3162

Bug fix

Update Stapler from 1.253 to 1.254 to make the form that shows up when a URL requiring POST is accessed using a different HTTP verb work with CSRF protection enabled. JENKINS-34254 , Stapler changelog
Fix a performance regression in Jenkins 2.86 due to lock contention in ExtensionList. JENKINS-48505
Trigger SecurityListener#loggedIn events on programmatic login during self-registration when using HudsonPrivateSecurityRealm. JENKINS-48383

Security

Security fixes. security advisory, announcement blog post

Enhancement

Export assignedLabels for agents and labelExpression for applicable job types in remote API. JENKINS-25286
Optimization: Don't consult the authorization strategy about whether the internal SYSTEM pseudo-user has a given permission. JENKINS-20474
Update SSHD Module 2.0 to 2.3 to fire authentication events in SecurityListeners when a user connects using SSH. changelog

Bug fix

The setup wizard is now resumed upon restart if it hasn't been completed yet, instead of showing the regular login screen (regression in 2.81). JENKINS-47439

Enhancement

Use Java NIO to read and write Unix file permissions by default. The previous behavior can be restored by setting the Java system property hudson.Util.useNativeChmodAndMode to true. JENKINS-36088 , Jenkins features controlled by system properties
Better handling of certain unreproducible XML file load/save errors. pull 3167
Improve user lookup performance, for example from Git changelog calculation. JENKINS-47429
Reduce memory usage when scheduling pipelines on big clusters. JENKINS-48348
Use atomic file moves if available on the underlying file system from AtomicFileWriter. JENKINS-34855
Developer: Add ItemGroup#allItems and similar default methods to ItemGroup. pull 3148
Developer: Add default implementations of deprecated methods to BuildableItem and Item so they don't need to be implemented. pull 3142
Internal: Add documentation and convenience methods for the User.CanonicalIdResolver extension point. pull 3140

Bug fix

Prevent setup wizard from hanging when the two provided passwords differ, instead show a validation error. JENKINS-48080

Enhancement

Revert internal change that broke assumption in ruby-runtime in 2.91, impacting plugins based on it. JENKINS-48116
Improve UI performance with long list of running builds by caching the estimated duration. JENKINS-48350
Cache permission names, allowing Jenkins to recover faster after "stop-the-world" Java GC pauses. JENKINS-48349
Developer: Add AccessControlled#hasPermission(Authentication, Permission) for convenience. pull 3149

Bug fix

Prevent potential NullPointerException when migrating the default "All View" name for a "My Views" user property. JENKINS-48157

Major enhancement

Use Java NIO library instead of native code to create and detect symbolic links and Windows junctions to improve compatibility and robustness. JENKINS-36088 , JENKINS-39179

Bug fix

Prevent concurrent installation of Maven on the same node to prevent problems. JENKINS-34138

Enhancement

Developer: Deprecate the ambiguous User#getUser(String) in favor of the User#getById() or the new User#getOrCreateByIdOrFullName() methods. JENKINS-47718
Developer: Implement default methods in TaskListener and BuildListener interfaces so they don't have to be implemented in subclasses. pull 3122

Major bug fix

Recover from legacy user configuration folders with $ characters that are not part of hex escape sequences. (regression in 2.89) JENKINS-47909
Fix Download from java.sun.com installation method for JDK for downloads requiring an Oracle login after change to the Oracle site (again). JENKINS-47448

Enhancement

Update Remoting from 3.13 to 3.14 in order to apply various performance and stability improvements. full changelog, JENKINS-37566 , JENKINS-45294 , JENKINS-47425 , JENKINS-47901 , JENKINS-47942
Add option to trim specified string parameter values. JENKINS-47115
Update Windows Agent Installer from 1.9.1 to 1.9.2: Do not try to update jenkins-slave.exe on Unix agents when they connect. full changelog, JENKINS-47015
Add a note explaining that the nodes count in label selection does not take into account permissions or other plugins. JENKINS-47940
Improve Chinese localization. pull 3127
Updated default workspace directory naming for new installations to use filesystem-safe variable ITEM_FULL_NAME. JENKINS-12251

Bug fix

Fix icon for Manage Jenkins link in the sidebar of the Global Tool Configuration form. pull 3139
Prevent caching of captcha on the login form. JENKINS-43852
Ensure that the authenticated group is not added twice to the authorities for a user. JENKINS-47768

Security

Security fixes. security advisory

Enhancement

Add sidebar link to create new view. JENKINS-6290
Improve robustness of the /user/(username)/configure page when a UserProperty is missing its descriptor. JENKINS-45977
Improve Russian localization. pull 3113, pull 3115

Enhancement

Stapler library upgraded from 1.252 to 1.253 with Servlet 3.1 support, improved Blue Ocean performance and changes of interest to plugin developers. JENKINS-37062 , Stapler changelog
Commons Codec library upgraded from 1.8 to 1.9. pull 3033
Agents JVM must be 1.8+ and a clear message is shown in connection logs if it is not. JENKINS-44851
Major improvement to Italian localization. pull 3075
Improvements to Chinese localization. pull 3104, pull 3105
Retrieving the list of installed plugins now consumes much less memory. JENKINS-47713
Internal: Move metadata about plugins split from core into a resource file. pull 3110
Developer: Add ExtensionList#lookupSingleton convenience method. pull 3021

Bug fix

When the Jenkins root URL was not configured, the login CLI command did not work.
Allow users with Job/Cancel permission to abort pipeline builds from the builds history widget. pull 3101
Jobs no longer disappear from NestedView lists after renaming. JENKINS-25276

Major enhancement

Launch agent via execution of command on the master has been moved to a new Command Launcher plugin and integrated with the Script Security plugin. JENKINS-47393 , Command Launcher plugin site entry, related security advisory

Enhancement

Add link to recursive cc.xml output on build history page. JENKINS-36282
Developer: Add an empty default implementation for previously abstract methods of SecurityListener. pull 3077
Developer: Deprecate hudson.util.Memoizer and replace its usage in core. pull 3091

Major bug fix

Fix Download from java.sun.com installation method for JDK for downloads requiring an Oracle login after change to the Oracle site. JENKINS-47448

Bug fix

Secret threw ArrayIndexOutOfBoundsException trying to decrypt {}. JENKINS-47500
Race conditions in agents going offline could result in an exception when picking a workspace for a build. JENKINS-47455
Prevent duplicated elements with incorrect URL when using the search on Dashboard View plugin based views. JENKINS-35459
StackOverflowError thrown under some conditions when using Pipeline on 2.85. JENKINS-47517
Prevent NullPointerException updating a folder with a primary view specified in Folders plugin 6.2.0. JENKINS-47416
Developer: Slave.JnlpJar.getURL did not work in some modes when core had a snapshot dependency on the Remoting library. pull 3069

Enhancement

Upgrade Remoting from 3.12 to 3.13. JENKINS-47132 , JENKINS-38711 , full changelog
Restart agent communication related threads on both controller and agents when encountering an unhandled exception, if possible, to improve stability. JENKINS-38711
Improve performance by not querying queue dispatchers from the UI. JENKINS-20046
Use node display name when printing "built on" message in the build log. JENKINS-47168
Enable cc.xml to export jobs in folders recursively when accessed with a query parameter named recursive. JENKINS-36282
Add new administrative monitor warning users about disabled CSRF protection. JENKINS-47372
Developer: Make Xstream2#addCriticalField available for use in plugins. pull 3066

Bug fix

In rare configurations, agents tried to load unloadable classes from the controller, resulting in ClassNotFoundException: javax.servlet.ServletContextListener on agents. JENKINS-46386
Jenkins did not correctly show parts of pipeline builds in side panel widgets if the current view is configured to filter their content. JENKINS-46759

Security

Important security fixes. security advisory

Bug fix

Fix potential HTTP 414 error in form validation of long Batch/Shell tool installer scripts. JENKINS-47058
Fix link from build cause or page header to user profile in case of unusual user names. JENKINS-32623
Properly display agent launch arguments when using nested launch methods. JENKINS-47056

Major bug fix

favicon.ico and other binary resource files were broken since 2.79 because they were incorrectly filtered during the build. JENKINS-47127
Developer: Fix TimeDuration time unit handling and its incorrect usage. TimeDuration uses milliseconds as the default unit. It was supposed to parse sec or secs suffix to interpret the number as seconds, but that never worked. JENKINS-44052

Bug fix

Don't log warning when an anonymous user sends an invalid crumb, usually just an expired session. JENKINS-40344
Developer: Create a copy of a list of parameters in ParametersAction constructor before storing them to improve robustness when the caller reuses that list. JENKINS-45472

Security

Jenkins 2.80 did not initialize the setup wizard on new installations, causing various security options including authentication and authorization to be turned off by default, granting anonymous administrator access. security advisory, notification, JENKINS-47139

Enhancement

Improve error reporting when failing to archive artifacts. pull 2976
Developer: Deprecate hudson.util.TimeUnit2 and replace with java.util.concurrent.TimeUnit. pull 2892

Bug fix

Save the current Jenkins version whenever saving the Jenkins object, e.g. when saving the global security configuration. Plugins may rely on this information for data migration that would be triggered unnecessarily. JENKINS-42577
Prevent possible NullPointerException when removing an item from a list view due to a race condition. JENKINS-23411
Avoid a possible server-side timeout on long-running CLI commands using plain HTTP mode by sending periodic pings from the client. JENKINS-46659
Renaming or moving a folder failed to properly move build directories of its children when using custom build directory, resulting of loss of their builds. JENKINS-44657

Major bug fix

Fix random failures to use passphrase-protected ed25519 SSH private keys (regression in 2.73). JENKINS-46754
Update Remoting library from 3.11 to 3.12 to fix regression in Jenkins 2.68 when using non-writable home directories. JENKINS-45755 , full changelog, issue description in 2.73.1 upgrade guide

Enhancement

Add description of nodes to their remote API. JENKINS-42854
Internal: Require Java 8u101 to build Jenkins, as that's the minimum required to run it since 2.77. pull 3015

Bug fix

Disconnect node on ping timeout instead of leaving the channel half open. JENKINS-46680

Enhancement

Moved Jenkins agent runtime to agent.jar file name, and deprecate (but still support) use of legacy slave.jar. Introduce the AGENTJAR_URL environment variable as replacement for SLAVEJAR_URL. JENKINS-35451
Internal: Implement DescriptorByNameOwner using Java 8 interface default method. Make Computer a DescriptorByNameOwner allowing its use as @AncestorInPath. pull 3009

Bug fix

Accept Basic authentication headers case-insensitively. JENKINS-44663

Enhancement

Default the built-in Jenkins Update Center URL to https://updates.jenkins.io instead of obsolete HTTP endpoint. This requires a JRE compatible with Let's Encrypt, e.g. Oracle JRE 8u101. pull 2996
Internal: Avoid code duplication using default methods. pull 2999

Bug fix

Fix problem with auto upgrade when using custom JENKINS_HOME on Windows. JENKINS-13153
Administrative monitor did not detect when Tomcat's URL escaping does not permit forward slashes. JENKINS-31068
Fix broken UI for users with Discover permission when renaming a job. JENKINS-41637

Major enhancement

Update Remoting from 3.10 to 3.11 to improve stability and diagnosability. JENKINS-37567 , JENKINS-43985 , JENKINS-45023 , JENKINS-45233 , JENKINS-45522 , JENKINS-46259 , full changelog

Enhancement

Major update of the Bulgarian translation. pull 2983
Internal: Allow EnvironmentContributingAction to support Run in addition to AbstractProject. JENKINS-29537
Internal: Updated parent POM; Jenkins core now requires Maven 3.3.9 or newer to build. pull 2985

Enhancement

Update Windows service wrapper from 2.1.0 to 2.1.2 and Windows Agent Installer from 1.9 to 1.9.1. Windows service wrapper changelog, Windows agent installer changelog, pull 2987, JENKINS-46282
Disable obsolete JNLP, JNLP2, and CLI protocols on new Jenkins installations during Setup Wizard. JENKINS-45841 , announcement blog post

Bug fix

Button to validate proxy configuration in Manage Plugins now works correctly with NTLM authorization. JENKINS-46288

Major enhancement

Upgrade Stapler library from 1.250 to 1.252. pull 2956, Stapler changelog

Major bug fix

Stapler 1.252: Prevent file handle leak in LargeText#GzipAwareSession. JENKINS-45903
Prevent core or plugin code from mistakenly attempting to serialize jobs, builds, and users except in their intended top-level XML file positions, preventing a class of serious deserialization-related errors. JENKINS-45892

Bug fix

Stapler 1.252: Restore ability to attach views to interfaces (regression in Jenkins 2.46). JENKINS-43715
Prevent caching of the item categories list by the browser to prevent stale data. JENKINS-43848
Show display name of the current view in window title. pull 2969
Include culprits in XML and JSON API again (regression in 2.60). JENKINS-46082
Improve robustness of the reverse build trigger ("Build after other projects are built"). JENKINS-45909

Enhancement

Improve Polish localization. pull 2974
Log name of the executor thread that died to improve diagnosability. JENKINS-42376
Update Agent Installer module to 1.6 for minor fixes and enhancements. pull 2965, changelog
Internal: Cleanup of Maven dependencies in Jenkins core, allowing plugins depending on this version or later to build without “upper bound” dependency warnings on recent Maven HPI Plugin releases. pull 2956

Enhancement

Avoid unnecessary locking to improve performance related to actions. JENKINS-45244
Improve performance when reading the console text of a build. JENKINS-45915
Add Polish translations for setup wizard. pull 2952

Bug fix

Reliably close build log file when using chained BuildListeners. JENKINS-45057 , JENKINS-43199
Modify the JNLPLauncher configuration page to work around regression in Docker Plugin (regression in 2.72). JENKINS-45895

Enhancement

Enable Remoting work directories by default for newly created agents launched via JNLP (Java Web Start Launcher). JENKINS-44112 , feature documentation
Always follow redirects for downloading update center metadata, so misbehaving plugins cannot break it. JENKINS-38185
Minor optimization to queue maintenance routines and printing of console notes, mainly for the benefit of Pipeline node blocks. JENKINS-45553

Bug fix

Don't monitor response time on offline agents. JENKINS-20272

Enhancement

Winstone 4.1: Add Jetty HTTP/2 connector and corresponding options for Winstone-Jetty. JENKINS-45438 , enabling HTTP/2 support in Winstone-Jetty
Don't reload user records from disk unless explicitly requested to improve performance of user record access. JENKINS-45737

Bug fix

Prevent NullPointerException in Jenkins#getRootURL() while the instance is not fully loaded yet. JENKINS-34914
Contributions to the PATH environment variable could result in malformed values on agents on a platform different from the controller's. JENKINS-14807
JNLP for launching agents now requests Java 8. JENKINS-45679
Prevent NullPointerException when a previous completed build is missing for upstream culprits check. JENKINS-45516
Correctly show or suppress warnings about undefined parameters based on hudson.model.ParametersAction.keepUndefinedParameters system property. JENKINS-45519
Internal: Delete obsolete SECURITY-144-compat exclusion that can break tests. JENKINS-25625

Bug fix

Fix version number shown in 2.0 upgrade wizard. JENKINS-45459

Major enhancement

SSHD Module 2.0: Update from SSHD Core 0.14.0 to Apache MINA SSHD 1.6.0 in Jenkins core and Jenkins CLI. changelog, plugin compatibility notice, JENKINS-43668

Enhancement

SSHD Module 2.0: Enable aes192ctr and aes256ctr ciphers if JVM supports unlimited-strength encryption. JENKINS-39738

Major enhancement

Update Remoting from 3.7 to 3.10 adding opt-in support for work directories and improving logging in Jenkins agents. work directory documentation, logging documentation, Remoting changelog, JENKINS-39370

Enhancement

The reload-configuration CLI command now waits until the reload is finished, and returns an error code if the reload failed. JENKINS-45256

Bug fix

Follow HTTP redirects while initiating CLI connection. JENKINS-44361
Add documentation for time zone specification for cron patterns (e.g. SCM polling). JENKINS-9283
Robustness improvements related to agent connections. JENKINS-43496 , JENKINS-38527

Enhancement

Enable simpler syntax for upstream build trigger in pipelines. JENKINS-34464
Remove the "JNLP" protocol references from the TCP Agent Listener log messages. JENKINS-44103

Bug fix

Internal: Update Annotation Indexer to 1.12 to work around JRE bug in tests. JDK-8182744

Bug fix

When starting the jenkins.war directly, properly check for Java 8 as minimum instead of Java 7 before proceeding. JENKINS-44764
Fix resource loading in plugins using the PluginFirstClassLoader, e.g. loading Groovy classes from plugin resources. JENKINS-44898
Prevent possible NullPointerException when listing remote directories using the FilePath#list() and FilePath#listDirectories() APIs. JENKINS-44942

Enhancement

Allow overriding the Jenkins session ID suffix so it doesn't change on every restart, possibly resulting in too many cookies. how to set session ID, JENKINS-25046 , JENKINS-44894

Bug fix

Prevent NullPointerException when calling restart CLI command (regression in 2.57). JENKINS-44769

Major bug fix

Packaging: Docker alpine image had a Jenkins-incompatible JDK installation (regression in 2.64). JENKINS-44733 , corresponding Alpine Linux issue

Enhancement

Moved agent port and protocol configuration out of "security" (authentication and authorization) block in Configure Global Security. JENKINS-4478
Add section headers for Markup Formatter and CSRF Protection in Configure Global Security form to make these options more obvious. pull 2900
Use one-column layout for REST API documentation (.../api URLs). JENKINS-44563
Plugin Development: Jenkins now no longer publishes a war-for-test artifact. Plugins using this or a later version of Jenkins as baseline need to use plugin parent POM 2.30 or later. JENKINS-24064

Bug fix

Update jnr-posix from 3.0.1 to 3.0.41 to pick up improvements and fixes in the POSIX platforms support. pull 2904
Jenkins failed to perform some cleanup tasks, including saving the build queue, if stopped via REST /exit, CLI shutdown, or when restarting from Install as Windows Service. JENKINS-44589
Don't check whether disabled administrative monitors are active or not on the Manage Jenkins page. JENKINS-44608
Do not submit form when pressing Enter in the plugin manager's filter field. JENKINS-44523

No notable changes in this release.

Enhancement

Fixed Pipeline compatibility for a number of CLI commands (delete-builds, list-changes, console, set-build-description, and set-build-display-name), as well as some issues affecting error reporting in other commands when used with Pipeline. JENKINS-30785 , JENKINS-41527
If you have the Authorize Project plugin installed and configured, its configuration will now be treated as final with respect to the behavior of Job/Build checks from Build other projects and Build after other projects are built. Formerly, if a Per-project configurable Build Authorization was enabled globally but some projects did not specify an Authorization, the two aforementioned checks would automatically fall back to checking as anonymous (typically denying build permission). To restore the former behavior, explicitly configure a Project default Build Authorization to be Run as anonymous. Note that this will affect all build-scoped permission checks, including for example Agent/Build. JENKINS-22949
Internal API: Tasks.getAuthenticationOf now honors authentication contributed by QueueItemAuthenticatorProvider extensions. pull 2880
Update WinP from 1.24 to 1.25 to improve performance and diagnostics of issues like JENKINS-30782. full changelog

Bug fix

Fix for NullPointerException while initiating some SSH connections (regression in 2.59). JENKINS-44120
Prevent StackOverflowError in log recorder when Winstone-Jetty debug logging is enabled. (regression in 2.61) JENKINS-44330 , corresponding Jetty issue

Major enhancement

Upgrade Groovy from 2.4.8 to 2.4.11. Groovy 2.4.9 changelog, Groovy 2.4.10 changelog, Groovy 2.4.11 changelog
Integration of Winstone 4.0: Upgrade bundled Jetty from 9.2.15.v20160210 to 9.4.5.v20170502. This removes support for the deprecated SPDY protocol. The --spdy parameter has been removed accordingly and Jenkins may refuse to start if it's set. full changelog

Bug fix

Jetty 9.4.5: Prevent the 400 Bad Host header error for HttpChannelOverHttp when operating behind reverse proxy. JENKINS-40693 , corresponding Jetty issue

Enhancement

Update the Mailer plugin version installed when updating from very old Jenkins releases to include the fix for SECURITY-372, the SSH Build Agents plugin for SECURITY-161, and the Script Security plugin for SECURITY-258. SECURITY-372, SECURITY-161, SECURITY-258
Freestyle projects may now list Pipeline jobs as downstream and trigger them, without needing to use the Parameterized Trigger plugin or reverse triggers ("Build after other projects are built"). JENKINS-28113
Internal: Define enabling/disabling in ParameterizedJob rather than AbstractProject. JENKINS-27299
Internal: Offer default methods on ParameterizedJob to have less boilerplate code. pull 2864

Enhancement

Update to Windows Service Wrapper 2.1.0 to support new features: download command with authentication, flag for startup failure on download error, Delayed Automatic Start mode. JENKINS-43737
Windows services: Add system property that allows disabling WinSW automatic upgrade on agents. JENKINS-43603 , more information
Internal: Generalize the changelog API to support non-AbstractBuild run types. JENKINS-24141

Bug fix

Windows services: Restore compatibility of the WindowsSlaveInstaller#generateSlaveXml() method (regression in 2.50, no known external usages). JENKINS-42745
Windows services: Prevent fatal file descriptor leak when agent service installer fails to read data from the service startup.log. JENKINS-43930
Use full display name for runs in RSS feed to restore the project name there (regression in 2.59). JENKINS-44117

Major bug fix

Move to latest version of Trilead to fix SSH connection issues following a previous Trilead upgrade. JENKINS-42959 , JENKINS-43979 , JENKINS-44046

Enhancement

Prevent Internet Explorer from caching AJAX requests using Cache-Control header. JENKINS-43929

Bug fix

Properly fail with error when updating view with CLI using input of a different view type. JENKINS-42728
Fix AccessDeniedException in "Build after other projects are built" when user has Discover permission but not Read. JENKINS-42707
Properly log failure due to empty archive in Pipeline. JENKINS-38005
Prevent rare NullPointerException if an admin user is created in the setup wizard after first disabling CSRF protection. JENKINS-44010

Enhancement

Use build display names in RSS feed titles. pull 2845
Update the Trilead SSH library to get support of new Mac, Key, and Key Exchange Algorithms. JENKINS-33021 , JENKINS-26379 , JENKINS-31549
Migrate legacy users only once per restart to improve performance of the user retrieval logic. JENKINS-43936
Internal: Pick up the latest release of version-number library. JENKINS-43733
Internal: Refactor ProcessTree.Windows logic to propagate errors. JENKINS-43825

Security

Important security fixes. security advisory

Bug fix

Plugins did not expect InvalidPathException to be thrown in file-related methods, so wrap them in IOException to restore behavior (regression in 2.55). JENKINS-43531
Remove links in stack traces to the stacktrace.jenkins-ci.org service that has been shut down. JENKINS-42861
If an exception is thrown while rendering an HTTP response, just log the stack trace on the server side, without trying to send an error page to the client. JENKINS-21695
Prevent NullPointerException when a non-existent default view is specified in Configure System. JENKINS-42717
Deleting jobs with running builds could result in NullPointerException (regression in 2.55). JENKINS-43653

Major bug fix

Packaging: Debian package now requires Java 8. (causes regression since 2.54). JENKINS-43495

Enhancement

Added fine-grain logging of FullDuplexHttpService to diagnose issues when establishing an HTTP Duplex connection. pull 2481
Internal API: SSH CLI client authenticator 1.3. Expose PublicKeySignatureWriter to plugins. pull 2840

Bug fix

Update LibZFS from 0.5 to 0.8 to fix compatibility issues with ZFS filesystem and illumos distributions. JENKINS-41932
Before deleting jobs, try to abort the running builds. Error will be thrown instead of the job deletion if its builds cannot be aborted. JENKINS-35160
Ensure that Cloud.PROVISION is properly initialized during the configuration loading. JENKINS-43279
Fix log message formatting when migrating AllView names due to JENKINS-38606". JENKINS-43611
Setup wizard gets into bad state when failures like network issues happen. JENKINS-41778
Catch and log RuntimeException in Computer#setNode() when updating the Computer list. JENKINS-42043
SSH CLI client authenticator 1.4. Add missing SSH Public Key field validation in user configuration. JENKINS-16337

Major enhancement

Jenkins (controller and agents) now requires Java 8 to run. JENKINS-27624 , JENKINS-42709 , pull 2802, announcement blog post
Non-Remoting-based CLI. JENKINS-41745 , pull 2795, announcement blog post

Enhancement

Disable SSH server by default. JENKINS-33595
Use case-insensitive search by default for new and anonymous users. JENKINS-42645

Bug fix

Introduce status indicator for skipped download job. JENKINS-40848
Properly handle saving system configuration when disabling all, or all but one, administrative monitors. JENKINS-42852
When validating a cron expression, consider the specified time zone. JENKINS-43228

Major bug fix

Update to Windows Service Wrapper 2.0.3 and Windows Agent Installer 1.8 to prevent conversion of environment variables to lowercase in the agent executable, regression in Jenkins 2.50. JENKINS-42744 , WinSW Changelog, Windows Agent Installer changelog

Enhancement

GC Performance: Avoid using FileInputStream and FileOutputStream in the core codebase. JDK-8080225, JENKINS-42934
Internal API: Add support of a new full screen mode in layout.jelly. JENKINS-34670

Bug fix

Packaging: Do not invoke recursive chown in JENKINS_HOME during the RPM post-install step unless owned by a different user. JENKINS-23273

Bug fix

Computer#addAction would throw an UnsupportedOperationException since Jenkins 2.30. Such a call site was released in SSH Build Agents Plugin 1.15 for SECURITY-161. JENKINS-42969 , security advisory including SECURITY-161

Enhancement

Update German localization. pull 2777
Remove localizations with very low coverage: Albanian, Basque, Belarusian, Bengali, Esperanto, Galician, Georgian, Gujarati, Hindi, Icelandic, Indonesian, Irish, Kannada, Macedonian, Marathi, Mongolian, Occitan, Punjabi, Sinhala, Tamil, Telugu, Thai. pull 2813

Major bug fix

Restore WMI Windows Agents Plugin 1.2 compatibility by restoring windows-service/jenkins.xml, regression in 2.50. JENKINS-42724

Enhancement

SSHD 1.10: Move SSH server port configuration to security options page. pull 2796
Update Russian localization. pull 2798
Update French localization. JENKINS-42627
Internal API: Add the ability for ItemListener to veto copy operations. JENKINS-34691
Internal API: Save Jenkins after calling setSecurityRealm or setAuthorizationStrategy. pull 2790
Internal API: Annotate PermissionGroup#owner @Nonnull. pull 2805

Bug fix

Internal: Make sure system threads run as SYSTEM. JENKINS-42556
Internal API: Make Run#compareTo work across jobs. JENKINS-42319

Enhancement

Allow searching by build parameter values in the Build History widget. JENKINS-40718
Searching in the Build History widget takes into account user preferences (case sensitivity by default). pull 2683
When creating temporary files, use the jenkins prefix instead of the old hudson one. pull 2778
Windows services: Enable Runaway Process Killer by default in new agent and controller installations. JENKINS-39231
Windows services: Enable auto-upgrade of Remoting on newly installed agents if they are connected by HTTPS. JENKINS-39237
Windows services: Add support of shared directories mapping in Windows agent services. Shared Directory Mapper documentation
Windows services: Change the default Agent service display name prefix to Jenkins agent %ID%. JENKINS-42468
Select controls in Jenkins Web UI now show the spinner icon while waiting for the list of possible options during AJAX. requests. JENKINS-42443
Improve plugin access performance in the default PluginManager implementation. JENKINS-42585
Internal API: Allow providing a custom task name in Run/Schedule UI via the AlternativeUiTextProvider extension. JENKINS-34522

Bug fix

Fix relative links in the SCM polling administrative monitor. pull 2780
Update Remoting from 3.5 to 3.7 in order to prevent file descriptor leaks on agents in the case of multiple connection attempts. full changelog
Windows services: Prevent agent connection reset issues when WinSW gets terminated due to the system shutdown. JENKINS-22692
Windows services: Integrate various stability and performance fixes in Windows Service Wrapper from 1.18 to 2.0.2. There are many fixes around configuration options and process termination. full changelog
Prevent file descriptor leaks when Windows Service installer fails to read data from the service startup log. JENKINS-42670
Search results page did not correctly encode query parameters. JENKINS-42390

Major enhancement

Upgrade the Windows Agent Installer module from 1.6 to 1.7. This change picks major updates in Windows service management logic. This fix caused a critical regression in the WMI Windows Agents Plugin (JENKINS-42724). Update to WMI Windows Agents 1.3.1 in order to get the fix applied. full changelog, guide to upgrading old Windows service agents
Windows services: Upgrade the bundled Windows Service Wrapper from 1.18 to 2.0.2. full changelog

Bug fix

Do not attempt to find the next occurrence of an impossible date such as June 31st in validation of trigger schedules. JENKINS-41864
Remove invalid translations in Slovene. JENKINS-41756

Enhancement

Upgrade Apache Commons Collections to version 3.2.2. Note: Jenkins has been using a denylist to prevent exploiting the serialization vulnerability in 3.2.1 since before 3.2.2 was released. JENKINS-31598
Use redirect URLs on jenkins.io instead of linking to wiki pages directly, allowing future reorganization of documentation without breaking links in Jenkins. pull 2756
Developer: Allow referencing radio buttons in f:validateButton validation methods. pull 2734

Bug fix

Fix performance issue in deduplication of lists of tool installers. JENKINS-42141
Use of the remote API to create items in views (/view/…/createItem) didn't actually add items to views since Jenkins 2.22. JENKINS-41128
Do not display a warning when an SCM trigger has no schedules (either to disable SCM post-commit hooks, or to enable them without polling). JENKINS-42194

Bug fix

Update Groovy to 2.4.8 to address memory leak issue. Do not use this version if you are running Pipeline builds unless you also update Pipeline: Groovy to 2.28 or higher. JENKINS-33358 , JENKINS-42189
Windows service restart did not retain build queue. JENKINS-32820
Exceptions during Jenkins cleanup step should not block restart. JENKINS-42164
Remoting 3.5: Remoting clients now accept lowercase (HTTP 2) headers sent by reverse proxies. JENKINS-40710
Remoting 3.5: Stability improvements. JENKINS-41513 , JENKINS-41852
Developer: Snapshot builds of plugins that had dependencies on other snapshot builds were not having their version numbers compared correctly. JENKINS-41899

Enhancement

Upgrade Remoting to version 3.5. full changelog
Remoting 3.5: Add option to specify the Remoting protocol to use on the client. JENKINS-41730

What's new in 2.46 (2017/02/13)

Failure to serialize a single Action could cause an entire REST export response to fail. Upgraded to Stapler 1.250 with a fix. (issue 40088)
Do not fail to write a log file just because something deleted the parent directory. (issue 16634)
Use extensible BUILD_NOW_TEXT for parameterized jobs. (issue 41457)
Display an informative message, rather than a Groovy exception, when View#getItems fails. (issue 41825)
Don't consider a project to be parameterized if no parameters are defined. (issue 37590)
Don't add all group names as HTTP headers on "access denied" pages. (issue 39402)
Ensure that PluginManager#dynamicLoad runs as SYSTEM. (issue 41684)
Add Usage Statistics section to the global configuration to make it easier to find. (issue 32938)
Allow groovy CLI command via SSH CLI. (issue 41765)

What's new in 2.45 (2017/02/06)

Delete obsolete pinning UI. (issue 34065)
Don't try to set Agent Port when it is enforced, breaking form submission. (issue 41511)
Use project-specific validation URL for SCM Trigger, so H is handled correctly in preview. (issue 26977)
Fix completely wrong Basque translation. (pull 2731)

What's new in 2.44 (2017/02/01)

Important security fixes (security advisory)

What's new in 2.43 (2017/01/29)

Print stack traces in logical order, with the most important part on top. (pull 1485)

What's new in 2.42 (2017/01/22)

IllegalStateException from Winstone when making certain requests with access logging enabled. (issue 37625)

What's new in 2.41 (2017/01/15)

Restore option value for setting build result to unstable when loading shell and batch build steps from disk. (issue 40894)
Autocomplete admin-only links in search suggestions only when admin. (issue 7874)
Improve agent protocol descriptions. (issue 40700)
Improve description for Enable Security option and administrative monitor when security is off. (issue 40813)
Enable the JNLP4 agent protocol by default. (issue 40886)

What's new in 2.40 (2017/01/08)

Support displaying of warnings from the Update Site in the Plugin Manager and in administrative monitors. (issue 40494, announcement blog post)
Do not print warnings about undefined parameters when hudson.model.ParametersAction.keepUndefinedParameters property is set to false. (pull 2687)
Increase the JENKINS_HOME disk space threshold from 1Gb to 10Gb left. The warning will be shown only if more than 90% of the disk is utilized. (issue 40749)
Plugin Manager: Redirect back to the Advanced Tab when saving the Update Site URL. (pull 2703)
Prevent the ClassNotFoundException: javax.servlet.ServletException error when invoking shell tasks on remote agents. (issue 40863)
Jobs were hanging during process termination on the Solaris 11 Intel platform. (issue 40470, regression in 2.20)
Fix handling of the POST flag in ManagementLinks within the Manage Jenkins page. (issue 38175)
Require POST in the Reload from disk management link. (pull 2692)

What's new in 2.39 (2017/01/02)

Properties were not passed to Maven command by Maven build step when the Inject Build Variables flag was not set. (issue 39268)
Update remoting to 3.4 in order to properly terminate the channel in the case Errors and Exceptions. (issue 39835)
Improved Polish and Catalan translations. (pull 2688 and pull 2686)

What's new in 2.38 (2016/12/25)

Update to Winstone 3.2 to support ad-hoc certificate generation on Java 8 (using unsupported APIs). This option is deprecated and will be removed in a future release. We strongly recommend you create self-signed certificates yourself and use --httpsKeyStore and related options instead. (issue 25333)
The install-plugin CLI command now correctly installs plugins when multiple file arguments are specified. (issue 32358)
Correctly state that Jenkins will refuse to load plugins whose dependencies are not satisfied in plugin manager. (issue 40666)

What's new in 2.37 (2016/12/18)

Allow defining agent ping interval and ping timeout in seconds. It can be done via the hudson.slaves.ChannelPinger.pingIntervalSeconds and hudson.slaves.ChannelPinger.pingTimeoutSeconds system properties. (issue 28245)
Delegate JNLP HMAC computation to SlaveComputer instances when possible. (issue 40286)
Diagnosability: Split Exception handling of node provision and adding to Jenkins. (issue 38903)
Do not report -noCertificateCheck warning to STDOUT. (pull 2666)
Improve overall performance of Jenkins by accessing item group elements without sorting where it is possible. (pull 2665)
Convert URI encoding check on the Manage Jenkins page into admin monitor. (issue 39433)
Update SSHD Core from 0.8.0 to 0.14.0. (pull 2662)
SSHD Module: Handshake was failing (wrong shared secret) 1 out of 256 times due to SSHD-330. (issue 40362)
View display name was ignored during rendering of tabs. (issue 39300)
Job configuration submission now does not fail when there is no parameters property. (issue 39700, regression in 1.637)
Fix names of item loading and cleanup Jenkins initialization stages. (issue 40489)
Performance: Use bulk change when submitting Job configurations to minimize the number of sequential config.xml write operations. (issue 40435)
Check for Updates button in the Plugin Manager was hidden in the Updates tab when there was no plugins updates available. (issue 39971)
Remoting 3.3: Agent JAR cache corruption was causing malfunctioning of agents. (issue 39547)
Remoting 3.3: Improve diagnostics of the preliminary FifoBuffer termination in the JNLP2 protocol. (issue 40491)
Remoting 3.3: Hardening of FifoBuffer operation logic. The change improves the original fix of JENKINS-25218. (remoting pull #100)
Remoting 3.3: ProxyException now retains info about suppressed exceptions when serializing over the channel. (remoting pull #136)
API: Introduce the new Jenkins#isSubjectToMandatoryReadPermissionCheck(String restOfPath) method for checking access permissions to particular paths. (issue 32797)
API: Introduce new Node#getNodeProperty() methods for retrieving node properties. (issue 40365)
API: Introduce new Items#allItems() methods for accessing items in item groups without sorting overhead. (issue 40252)
Improved Polish translation. (pull 2643)

What's new in 2.36 (2016/12/11)

Several badges were missing in builds flagged as KeepBuildForever. (issue 40281, regression in 2.34)
Retain cause of blockage if the Queue task cannot be taken due to the decision of QueueTaskDispatcher extension, NodeProperty and other extensions. (issue 38514)
Internal API: Allow overriding UserProperty.setUser(User). (issue 40266)
Internal API: Restrict usage of core localization message classes in plugins. These message classes are not guaranteed to be binary compatible. (pull 2656)

What's new in 2.35 (2016/12/04)

Add display name and full display name of items to the remote API. (issue 39972)
API: Allow specifying log level in SystemProperties when a System property is undefined. (pull 2646)
Followup fix for JENKINS-23271 in 2.34 addressing plugin implementations not using ProcStarter. (pull 2653)

What's new in 2.34 (2016/11/27)

Improve performance of Action retrieval methods. It speeds up core and plugin logic operating with Actionable objects like items, folders, nodes, etc. (issue 38867)
Update the SSHD module from 1.7 to 1.8. The change disables obsolete Ciphers: AES128CBC, TripleDESCBC, and BlowfishCBC. (issue 39805)
Update the Windows process management library (WinP) from 1.22 to 1.24. Full changelog is available here, only major issues are mentioned below. (pull 2619)
WinP 1.24: Native class now tries loading DLLs from the temporary location. (issue 20913)
WinP 1.24: WinP sometimes kills wrong processes when using killRecursive(). It was likely impacting process termination on Windows agents and sometimes leading to BSoD. (issue 24453, WinP Issue #22)

What's new in 2.33 (2016/11/20)

Reduce size of Jenkins WAR file by not storing identical copies of remoting.jar/agent.jar there. (pull 2633)
Prevent early deallocation of process references by Garbage Collector when starting a remote process. It was sometimes causing build failures with messages like FATAL: Invalid object ID 184 iuota=187 and java.lang.Exception: Object was recently deallocated. (issue 23271)
Make handling of internalization resource bundle names compliant with W3C standards. (issue 39034)
Redirect to login page in the case of authorisation error when checking connectivity to the Update Center. (issue 39741)
Remove the obsolete hudson.showWindowsServiceInstallLink property from the slave-agent.jnlp file. It was causing harmless security warnings in Java web start. (issue 39883)
Improved Polish translation. (pull 2640)

What's new in 2.32 (2016/11/16)

Important security fixes (security advisory)
Allow disabling the Jenkins CLI over HTTP and JNLP agent port by setting the System property jenkins.CLI.disabled to true.

What's new in 2.31 (2016/11/13)

Performance: Improve responsiveness of Jenkins web UI on mobile devices. (issue 39172, continuation of the patch in 2.28)
It was not possible to connect Jenkins agents via Java Web Start due to the issue in Remoting 3.0. Upgraded to Remoting 3.1 with a fix. (issue 39596, regression in 2.26)
Prevent NullPointerException when rendering CauseOfInterruption.UserInterruption in build summary pages for non-existent users. (issue 38721 and issue 37282, regression in 2.14)
Reduce logging level when the localization resource is missing ResourceBundleUtil#getBundle(). (issue 39604)
ExtensionList.removeAll was not unimplemented in Jenkins extension management API. It was causing issues during dynamic loading of GitHub and BitBucket branch source plugins on the same instance. (issue 39520)
Remoting 3.1: hudson.remoting.Engine (mostly Java Web Start) was failing to establish connection if one of the URLs in urls parameter was malformed. (issue 39617)
Remoting 3.1: Add method for dumping diagnostics across all the channels (e.g. in the Support Core Plugin). (issue 39150)
Remoting 3.1: Improve the caller/callee correlation diagnostics in thread dumps. (issue 39543)
Remoting 3.1: Add the org.jenkinsci.remoting.nio.NioChannelHub.disabled flag for disabling NIO, mostly for debugging purposes. (issue 39290)
Remoting 3.1: Add extra logging to help diagnosing IOHub concurrent thread number spikes. (issue 38692)
Remoting 3.1: When a proxy fails, report what caused the channel to go down. (issue 39289)
Improved Polish translation. (pull 2631)

What's new in 2.30 (2016/11/07)

Adjust incompatible Actionable initialization changes made for issue 39404). It caused massive regressions in plugins like Jenkins Pipeline. (issue 39555, regression in 2.29)
Integration of Stapler 1.246 caused regressions in plugins depending on Ruby Runtime Plugin. Upgraded to Stapler 1.248 with a fix. (issue 39414, regression in 2.28)
Custom remoting enable/disable settings were not properly persisted on the disk and then reloaded. If the option has been configured in Jenkins starting from 2.16, a reconfiguration may be required. (issue 39465)

What's new in 2.29 (2016/11/06)

Warning! This release is not recommended for use due to issue 39555 and issue 39414. We are working on the out-of-order release (discussion).

Performance: Optimize log retrieval logic for large log files. (issue 39535)
Integration of Stapler 1.246 caused regressions in plugins depending on Ruby Runtime Plugin. Upgraded to Stapler 1.247 with a partial fix. (issue 39414, partial fix)
Jenkins startup does not fail if one of ComputerListeners throws exception in the onOnline() handler. (issue 38487)
Queue: Do not consider pending tasks from the internal scheduling logic when looking for duplicate tasks. It was causing race conditions in Jenkins Pipeline. (issue 39454)
Internal: Modify the Actionable API to provide methods to assist with manipulation of persisted actions. (issue 39404)
Internal: Jelly attribute documentation now supports the since tag. (Stapler pull #84)

What's new in 2.28 (2016/10/30)

Performance: Improve responsiveness of Jenkins web UI on mobile devices. (issue 39172)
Print warnings if none of Tool Installers can be used during the tool installation. (issue 26940)
Update the minimal required versions of the detached Maven Project plugin from 2.7.1 to 2.14. Changelog is available here. (pull 2606)
Update the minimal required versions of the detached JUnit plugin from 1.2-beta-4 to 1.6. Changelog is available here. (pull 2606))
Relax requirements of the JNLP connection receiver, which was rejections connections from agents not using JNLPComputerLauncher (e.g. from Slave Setup, vSphere Cloud and other plugins). No the connection is accepted from launchers implementing other proxying and filtering Launcher implementations. Particular plugins may require setting up the jenkins.slaves.DefaultJnlpSlaveReceiver.disableStrictVerification system property in the controller JVM to allow connecting agents. (issue 39232, regression in 2.28)
Prevent resource leak in hudson.XmlFile#readRaw() in the case of encoding issues. (issue 39363)
Prevented endless loop in LargeText.BufferSession.skip(), which was causing hanging of Pipeline jobs in corner cases. (issue 37664)
Internal: Upgrade Stapler library from 1.243 to 1.246 with fixes required for the Blue Ocean project. More details are coming soon. Raw changes are listed here. (pull 2593)
Internal: Start defining APIs that are for the controller JVM only. (issue 38370)
Internal: Update Guice dependency from 4.0-beta to 4.0. This change required upgrade of detached plugins (see above). (pull 2568)

What's new in 2.27 (2016/10/23)

Upgrade to the Remoting 3 baseline. Compatibility notes are available here. (issue 37564)
Remoting 3.0: New JNLP4-connect protocol, which improves performance and stability compared to the JNLP3-connect protocol. (issue 36871)
Remoting 3.0: Agents using slave.jar now explicitly require Java 7. (issue 37565)
Prevent deadlocks during modification of node executor numbers (e.g. during deletion of nodes). (issue 31768)
Add missing internationalization support to ResourceBundleUtil. It fixes internationalization in Blue Ocean and Jenkins Design Language. (issue 35845)
Internal: Make the code more compatible with Java 9 requirements and allow its editing in newest NetBeans versions with NB bug 268452. (pull 2595)
Internal: Icon handling API for items. Deprecate TopLevelItemDescriptor#getIconFilePathPattern() and switch to IconSpec. (issue 38960)

What's new in 2.26 (2016/10/17)

Allow CommandInterpreter build steps to set a build result as Unstable via the return code. Shell and Batch build steps now support this feature. (issue 23786)
Performance: Avoid acquiring locks in MaskingClassloader. (issue 23784)
Performance: Update XStream driver to improve performance of XML serialization/deserialization. (pull 2561)
Harden checks of prohibited names in user creation logic. Untrimmed spaces and different letter cases are being checked now. (issue 35967)
Performance: Fix the performance of file compress/uncompress operations over the remoting channel. (issue 38640, issue 38814)
Restore automatic line wrapping in Build Step text boxes with syntax highlighting. (issue 27367)
Properly remove disabled Administrative Monitors from the extension list. (issue 38678)
Remoting 2.62.2: Improve connection stability by turning on Socket Keep-alive by default. Keep-alive can be disabled via the -noKeepAlive option. (issue 38539)
Remoting 2.62.2: Prevent NullPointerException in Engine#connect() when host or port parameters are null or empty. (issue 37539)
Node build history page was hammering the performance of the Jenkins instance by spawning parallel heavy requests. Now the information is being loaded sequentially. (issue 23244)
Cleanup spelling in CLI help and error messages. (issue 38650)
Properly handle quotes and other special symbols in item names during form validation. (issue 31871)
Internal: Invoke hpi:record-core-location during the build in order to enabled coordinated run across repositories. (pull 1894)
Internal: Bulk cleanup of @since definitions in Javadoc. (pull 2578)

What's new in 2.25 (2016/10/09)

Display transient actions for labels. (issue 38651)
Add user to restart log message for restart after plugin installation. (issue 38615)
Internal: Code modernization: Use try-with-resources a lot more (pull 2570)

What's new in 2.24 (2016/10/02)

Show notification with popup on most pages when administrative monitors are active. (issue 38391)
Allow disabling/enabling administrative monitors on Configure Jenkins form. (issue 38301)
Ensure exception stacktrace is shown when there's a FormException. (pull 2555)
Add new jenkins.model.Jenkins.slaveAgentPortEnforce system property, which prevents slave agent port modification via Jenkins Web UI and form submissions. (PR #2545)
Indicate hovered table row on striped tables. (issue 32148)
Decrease connection timeout when changing the JNLP agent port via Groovy system scripts. (issue 38473)
Added Serbian localization. (PR #2554)
Exclude /cli URL from CSRF protection crumb requirement, making the CLI work with CSRF protection enabled and JNLP port disabled. (issue 18114)
Prevent instantiation of jenkins.model.Jenkins on agents in the ProcessKillingVeto extension point. (issue 38534)
Fix handling of the jenkins.model.Jenkins.slaveAgentPort system property, which was not honored. (issue 38187, regression in 2.0)
CLI: Disable the channel message chunking by default. Prevents connection issues like java.io.StreamCorruptedException: invalid stream header: 0A0A0A0A. (issue 23232)
CLI: Connection over HTTP was not working correctly. (issue 34287, regression in 2.0)

What's new in 2.23 (2016/09/18)

Fix JS/browser memory leak on Jenkins dashboard. (issue 10912)
Build history was not properly updating via AJAX. (issue 31487)
Properly enable submit button on New Item page when choosing item type first. (issue 36539)

What's new in 2.22 (2016/09/11)

Change symbol and constructor for SCMTrigger to pollScm to make it usable in Pipeline scripts. (issue 37731)
Prompt user whether to add the job to the current view. (issue 19142)
Update to sshd module 1.7, allowing definition of client idle timeout. (pull 2534, issue 36420)
Update to sezpoz 1.12 with better diagnostics. (pull 2525)
Fix NullPointerException when descriptor is not in DescriptorList. (issue 37997)
Use the correct 'gear' icon for Manage Jenkins in Plugin Manager. (issue 34250)

What's new in 2.21 (2016/09/04)

Ask for confirmation before canceling/aborting runs. (issue 30565)
Add newline after the text in userContent/readme.txt. (PR #2532)
Fixed the missing icon in the System Script console. (issue 37814)
Print warnings to system logs and administrative monitors when Jenkins initialization does not reach the final milestone. (issue 37874, diagnostics for issue-37759)
Developer API: UpdateSite#getJsonSignatureValidator() can be now overridden and used in plugins. (PR #2532)

What's new in 2.20 (2016/08/28)

Make Cloud.PROVISION permission independent from Jenkins.ADMINISTER. (issue 37616)
Allow the use of custom JSON signature validator for Update Site metadata signature checks. (issue 36537)
Do not process null CRON specifications in build triggers. (issue 36748, enhances fix in 2.15)
Setup wizard now checks if the restart is supported on the system before displaying the restart button. (issue 33374)
Test Windows junctions before Java 7 symlink in symbolic link checks. (issue 29956)
Fixed background color in the ComboBoxList element in order to make options visible. (issue 37549)
Fixed editing default view description with automatic refresh. System message is not being displayed instead of the view description. (issue 37360)
Fixed process tree management logic on Solaris with 64-bit JVMs. (issue 37559)

What's new in 2.19 (2016/08/21)

Prevent File descriptor leaks when reading plugin manifests. It causes failures during the upgrade of detached plugins on Windows. (issue 37332, regression in 2.16)
Prevent resource leaks in AntClassLoader being used in the core. (issue 37561)
Fix the wrong message about empty field in the case duplicate item name in the New Item dialog. (issue 34532)
Allow invoking Upgrade Wizard when Jenkins starts up. It can be done by placing an empty jenkins.install.InstallUtil.lastExecVersion file in JENKINS_HOME. (issue 37438)
Replace repetitious "website" and "dependencies" text in the Setup Wizard by icons. (issue 37523)
Expose Job name to system logs when Jenkins fails to create a new build with IllegalStateException. (issue 33549)
Downgrade Queue#maintain() message for dead executors during task mapping from INFO to FINE. (PR #2510)

What's new in 2.18 (2016/08/15)

Better diagnostics and robustness against old ChangeLogAnnotator API usage in plugins. Enhances JENKINS-23365 fix in 1.569. (issue 36757)
Prevent open file leak when the agent channel onClose() listener writes to the already closed log. (issue 37098)
Stop A/B testing of the remoting JNLP3 protocol due to the known issues. The protocol can be enabled manually via the jenkins.slaves.JnlpSlaveAgentProtocol3.enabled system property. (issue 37315)
When checking Update Center, append ?uctest parameter to HTTP and HTTPS URLs only. (issue 37189)
Incorrect formatting of messages in the Update Center and Setup Wizard. (issue 36757)
Massive cleanup of issues reported by FindBugs. User-visible issues - wrong log message formatting bugs in the Update Center and user creation logic. (issue 36717, PR #2459)
Remoting 2.61: JNLP agent connection issue with JNLP3-connect when the generated encrypted cookie contains a newline symbols. (issue 37140)
Remoting 2.61: Retry loading classes when remote classloader gets interrupted. (issue 36991)
Remoting 2.61: Improve diagnostics of Local Jar Cache write errors. (remoting PR #91)
Remoting 2.62: Be robust against the delayed EOF command when unexporting input and output streams. (issue 22853)
Remoting 2.62: Cleanup of minor issues discovered by FindBugs. (remoting PR #96)
Remoting 2.62: Improve class filtering performance in remote invocations. (issue 37218)
Remoting 2.62: TCP agent connection listener now publishes a list of supported agent protocols to speed up the connection setup. (issue 37031)
Improve German, Lithuanian and Bulgarian translations. (PR #2473, PR #2470, PR #2498 )

What's new in 2.17 (2016/08/05)

Don't load all builds to display the paginated build history widget. (issue 31791)
Add diagnostic HTTP response to TCP agent listener. (issue 37223)
Internal: Invoke FindBugs during core build. (issue 36715)

What's new in 2.16 (2016/07/31)

Fix plugin dependency resolution. Jenkins will now refuse to load plugins with unsatisfied dependencies, which resulted in difficult to diagnose problems. This may result in errors on startup if your instance has an invalid plugin configuration., check the Jenkins log for details. (issue 21486)
Decouple bouncycastle libraries from Jenkins into bouncycastle-api plugin. (issue 36923)
Upgrade to instance-identity module 2.1. (issue 36922)
Hide the Java Web Start launcher when the TCP agent port is disabled. (issue 36996)
Allow admins to control the enabled agent protocols on their instance from the global security settings screen. (issue 37032)
Make sure that the All view is created. (issue 36908)
Remove trailing space from Hudson.DisplayName in Spanish, which resulted in problems with Blue Ocean. (issue 36940)
Honor non-default update sites in setup wizard. (issue 34882)
Display delete button only when build is not locked. (pull 2483)
Use build start times instead of build scheduled times in build timeline widget. (issue 36732)
Ensure that detached plugins are always at least their minimum version. (issue 37041)
Internal: Move CLI commands wait-node-online/wait-node-offline from core to CLI module. (issue 34915)
Internal: Allow accessing instance identity from core. (issue 36871)
Internal: Fix the default value handling of ArtifactArchiver.excludes. (issue 29922)

What's new in 2.15 (2016/07/24)

Tell browsers not to cache or try to autocomplete forms in Jenkins to prevent problems due to invalid data in form submissions. From now on, only select form fields (e.g. job name) will offer autocompletion. (issue 18435)
Add a cache for user information to fix performance regression due to SECURITY-243. (issue 35493)
Prevent null pointer exceptions when not entering a cron spec for a trigger. (issue 36748)
Defend against some fatal startup errors. (issue 36666)
Use the icon specified by the computer implementation on its overview page. (issue 36775)
Internal: Extract the CLI command offline-node from core. (issue 34468)

What's new in 2.14 (2016/07/17)

Minor optimization in calculation of recent build stability health report. (issue 36629)
Underprivileged users were unable to use the default value of a password parameter. (issue 36476)
Allow keeping builds forever with custom build retention strategies. (issue 26438)
Properly handle exceptions during global configuration form submissions when SCM Retry Count field is empty. (issue 36387)
When a user aborts the build, this user may be restored after its deletion. (issue 36594)
Prevent potential NullPointerException in the BlockedBecauseOfBuildInProgress build blockage cause visualization. (issue 36592)
CLI commands quiet-down and cancel-quiet-down were extracted from the core to CLI. (issue 35423)
Developer API: Extract listing of computer names to the ComputerSet#getComputerNames() method. (issue 35423)
Developer API: Add a try with resources form of impersonation. (issue 36494)
Developer API: Usage of ItemCategory#MIN_TOSHOW in external plugins is now restricted. (issue 36593)

What's new in 2.13 (2016/07/10)

IllegalStateException under certain conditions when reloading configuration from disk while jobs are in the queue. (issue 27530)
Eliminate “dead executor” UI appearing after certain errors, such as JENKINS-27530. (PR 2440)
Make setup wizard installation panel usable on small screens. (issue 34668)

What's new in 2.12 (2016/07/05)

Enable the DescriptorVisibilityFilters for ComputerLauncher, RetentionStrategy and NodeProperty. (issue 36280)
Before starting a process, ensure that its working directory exists. (issue 36277)
Prevent NullPointerException during SCM polling if SCMDecisionHandler returns null veto. (issue 36232, regression in 2.11)
Ensure that SCMDescriptor.newInstance overrides are honored when creating new SCM entries. (issue 36043, issue 35906 , regression in 2.10)
Performance: Improve configuration page load times by removing the CodeMirror reloading cycle. (issue 32027)
Fix optional plugin dependency version resolution. (issue 21486)
When creating a tar file, ensure that the final size does not exceed the value in header in the case of growing files. (Issue 20187)
Do not inject build variables into Maven process by default for new projects. (issue 25416, issue 28790)
Update BUILD_TAG environment variable description to mention the replacement of slashes with dashes. (PR #2417)
Internal API: Make BulkChange auto-closeable. (PR #2428)

What's new in 2.11 (2016/06/26)

Provide an extension point for SCM decisions such as whether to poll a specific job's backing repository for changes. (issue 36123)

What's new in 2.10 (2016/06/19)

Better exception message if a SecurityRealm returns null when loading a user. (PR #2407)
Prevent NullPointerException in user registration if user ID is not specified. (issue 33600)
Internal: It was impossible to build Jenkins on 32-bit Linux machine. (issue 36052, regression from 2.0)

What's new in 2.9 (2016/06/13)

Always send usage statistics over HTTPs to the new usage.jenkins.io hostname. (issue 35641)
Performance: Disable AutoBrowserHolder by default to improve the changelog rendering performance. (issue 35098)
Remoting 2.60: Make the channel reader tolerant against Socket timeouts. (issue 22722)
Remoting 2.60: Proper handling of the no_proxy environment variable. (issue 32326)
Remoting 2.60: Do not invoke PingFailureAnalyzer for agent=>controller ping failures. (issue 35190)
Remoting 2.60: hudson.Remoting.Engine#waitForServerToBack now uses credentials for connection. (issue 31256)
Remoting 2.60: Fix potential file handle leaks during the build agent startup. issue 35190)
Internal: Upgrade Groovy to 2.4.7 to finalize the fix in Jenkins 2.7. (issue 34751)
API: Allow delegating TaskListener creation to build agent implementations. (issue 34923)
API: Restrict external usages of jenkins.util.ResourceBundleUtil. (issue 35381)
API: Make it easier for UpdateSites to tweak the InstallationJob. (issue 35402)

What's new in 2.8 (2016/06/05)

Explicitly declare compatibility of Windows build agent service with .NET Framework 4. (PR #2386)
API: Introduce new listener extension point for agent creation/update/deletion. (issue 33780)
Lossless optimization sizes of PNG images in Jenkins. (PR #2379)
Fix the repeatable item delete button layout in Safari. Addresses Build Steps and other such configuration items. (issue 35178)
Installation Wizard: Do not offer creating new admin user if the security is preconfigured. (issue 34881)
Prevent NullPointerException on startup after update from Jenkins 2.5. (issue 35206)
Honor noProxy settings from "Manage Jenkins > Manage Plugins > Advanced". (issue 31915)
Add NTLM support to the proxy validation logic. (PR #1955)

What's new in 2.7 (2016/05/29)

Prevent stack overflow when using classes with complex generic type arguments (e.g. hudson.model.Run or hudson.model.Job). Regression in Groovy 2.4, see GROOVY-7826 for more info. (issue 34751)
Do not invoke PingFailureAnalyzer for agent=>controller ping failures. (issue 35190)
Fix keyboard navigation in setup wizard. (issue 33947)
Cleanup of Javascript issues discovered by the JSHint static analysis tool. (issue 35020)
DelegatingComputerLauncher now accepts child classes in its hooks (pre-offline, pre-connect, etc.). (issue 35198)
Internal: Activate JSHint in Jenkins js-builder component during the core build. (issue 34438)
Internal: Add symbol annotation for SystemInfoLink. (PR #2375)
Internal: NodeJS build was malfunctioning on Win x64. (issue 35201)

What's new in 2.6 (2016/05/22)

Adapt the Setup Wizard GUI to provide a similar user experience when upgrading Jenkins. (issue 33663)
Improve extensibility of the Setup Wizard GUI: InstallState and InstallStateFilter extension points. (PR 2281 as supplementary change for issue 33663)
Improve User Experience in the New Item form. Submit button is always visible. (issue 34244)
Allow passing a list of safe job parameters in ParametersAction. It simplifies fixing of plugins affected by SECURITY-170 fix. (PR 2353)
Added Symbol annotations for ParametersDefinition and BuildDiscarder properties. (PR 2358)
Extended the online-node CLI command for accepting multiple agents. (issue 34531)
Listed Parameters should reflect what was used when the build ran (filtering of unsafe parameters). (issue 34858)
Scalability: Fix performance issues in the XML unmarshalling code. (issue 34888)
Support the legacy icon size specification approach in the Status Ball visualization. (issue 25220, regression in 1.586)
Migrate the leftover system properties to the new engine introduced in 2.4. (issue 34854)
Do not show warnings about a missing Tool Installer if it is present in at least one Update Site. (issue 34880)
Prevent hanging of the installation wizard due to the plugin status update issue. (issue 34708)
Internal: CLI command connect-node was extracted from the core to CLI. (issue 31417)

What's new in 2.5 (2016/05/16)

Do not throw exceptions if Jenkins.getInstance() returns null instance. It was causing failures on Jenkins agents in the case of unexpected API usage by agents. (issue 34857, regression in 2.4)
Replace jenkins.model.Jenkins.disableExceptionOnNullInstance by jenkins.model.Jenkins.enableExceptionOnNullInstance to address the behavior change. (issue 34857)

What's new in 2.4 (2016/05/15)

Internal/build: jenkins-ui (NPM module) is private, used only internally. (issue 34629)
Do not print stack trace during a plugin installation if it is missing its dependencies. (issue 34683)
Allow specifying custom AbortExceptions. (pull 2288)
Add a hudson.model.UpdateCenter.defaultUpdateSiteId system property, which allows specifying an alternate default Update Site ID. (issue 34674)
Allow setting of properties from context.xml and web.xml in addition to setting system properties from the command line. (issue 34755)
Remove the historical initialization of CVS changelog parser for jobs without explicit SCM definition. Warning! This change may potentially cause a regression if a Jenkins plugin depends on this default behavior and injects changelogs without SCM. (issue 4610)
Add the JOB_BASE_NAME environment variable to builds (job name without path). (issue 25164)
Allow overriding Jenkins UpdateCenter by a custom implementation. (issue 34733)
Allow overriding Jenkins PluginManager by a custom implementation. (issue 34681)
Installation Wizard: Allow altering the list of suggested plugins from update sites. (issue 34833)
Prevent hanging of the Installation Wizard if the default Update Site ID cannot be resolved. In such case an error message will be displayed. (issue 34675)
Prevent hanging of the Installation Wizard if the internet check is skipped for the default update site. (issue 34705)
Do not fail with error when enabling a plugin, which has been already enabled. It prevents errors in the new Installation Wizard, which installs plugins in parallel. (issue 34710)
Plugin Manager was building incorrect list of bundled plugins for nested dependencies. (issue 34748)
Prevent fatal failure of the updates check PeriodicWork if update site certificate is missing. (issue 34745)
Pick up missing Downloadable items on restart if all update centers are up to date. (issue 32886)
Allow starting non-AbstractProject (e.g. Pipeline) jobs from CLI. (issue 28071)
Disable JSESSIONID in URLs when running in the JBoss web container. It prevents Error 404 due to invalid links starting from Jenkins 1.556. More info: WFLY-4782 (issue 34675)
Prevent RSS ID collisions for items with same name in different folders. (issue 34767)
Prevent NoSuchMethodException in loginLink.jelly when attempting to start a job using REST API. (issue 31618)
Make ToolInstallers to follow HTTP 30x redirects. (issue 23507)
Prevent NullPointerException in the parameter definition job property if it gets initialized incorrectly. (issue 34370)
Bundle Font Awesome and Google Fonts: Roboto dependencies to prevent failures in the offline mode. (issue 34628)
Internal: CLI commands disconnect-node and reload-configuration were extracted from the core to CLI. (issue 34328 and issue 31900)
Internal: Support latest source version to avoid compile time warnings with JDK7. annotation-indexer and sezpoz have been updated to 1.11. (issue 32978)
Developer API: Switch Jenkins.getInstance() to @Nonnull. (new system property) (pull 2297)
Remoting, scalability: Ensure that the unexporter cleans up whatever it can each GC sweep. (issue 34213)
Remoting: Force class load on UserRequest to prevent deadlocks on Windows nodes agents in the case of multiple classloaders. (Controlled by hudson.remoting.RemoteClassLoader.force) (issue 19445)
Remoting: Allow Jenkins admins to adjust the socket timeout. (Controlled by hudson.remoting.Engine.socketTimeout) (issue 34808)
Remoting: Allow disabling the remoting protocols individually. Allows working around compatibility issues like JENKINS-34121. (Controlled by PROTOCOL_CLASS_NAME.disabled) (issue 34819)

What's new in 2.3 (2016/05/11)

Important security fixes (see the security advisory for details and plugin compatibility issues)

What's new in 2.2 (2016/05/08)

Add symbol annotations on core. (pull 2293)
Upgrade Stapler to 1.243. (pull 2298)
Internal/build: Enable JSHint during build. (issue 34438)
Workaround for unpredictable Windows file locking. (issue 15331)
Improved Lithuanian translation. (pull 2309)
Improved French translation. (pull 2308)
Restrict access to URLs related to plugin manager. (issue 31611)
API: New HttpSessionListener extension point. (pull 2303)
Don't go through init sequence twice. (pull 2177)
Create Item form can be navigated using keyboard again. (issue 33822)
Fix inline help for node name field. (issue 34601)

What's new in 2.1 (2016/05/01)

Enable disabled dependencies during plugin installations. (issue 34494)
Force ordering between GPG and jarsigner to ensure correct GPG signature. (pull 2285)
Secured Jenkins installations didn't properly save the queue on shutdown. (issue 34281)
Add dependency resolution to manually uploaded plugins. (issue 15057)
Show Jenkins version on setup wizard. (issue 33535)
Update remoting to 2.57. (issue 33999)
Allow retrying plugin downloads in setup wizard. (issue 33244)
Add links to homepage of plugins and dependencies in setup wizard. (issue 33936, issue 33937)
Improved handling of the 'close' button during setup wizard. (issue 34137)
Wrong spacing in flat mode of 'Create Item' screen. (issue 31162)
Add timestamp to the jarsigner signature. (pull 2284)
Improved French translation. (pull 2267)
Improved Lithuanian translation. (pull 2286)
Improved Brazilian Portuguese translation. (pull 2273)
Prevent errors when hiding management links. (issue 33683)
Internal: Make logger field private. (issue 34093)
Shorter timeout for plugin downloads to prevent setup wizard from hanging. (issue 34174)
Check if job is buildable before showing 'Build with parameters' page. (issue 34146)
Fixed race condition in agent offline cause. (issue 34448)
Allow enabling disabled dependencies in the plugin manager to fix broken configurations. (issue 32340)
Always display clicked scrollspy items as active in setup wizard. (issue 33948)
Prevent multiple installations of the same dependency. (issue 33950)

What's new in 2.0 (2016/04/20)

New password-protected setup wizard shown on first run to guide users through installation of popular plugins and setting up an admin user. (issue 30749, issue 9598)
Plugin bundling overhaul: Bundled plugins are only installed if necessary when upgrading, all plugins can be uninstalled. (issue 20617)
Redesigned job configuration form makes it easier to understand the option hierarchy, and to navigate the form. (issue 32357)
Richer 'Create Item' form with job icons and job categories (once a threshold of three categories has been reached). (issue 31162)
Upgrade wizard encourages installation of Pipeline related plugins when upgrading from 1.x. (issue 33662)
Jenkins now requires Servlet 3.1. Upgraded embedded Winstone-Jetty to Jetty 9 accordingly. This removes AJP support when using the embedded Winstone-Jetty container. (issue 23378)
Bundled Groovy updated from 1.8.9 to 2.4.6. (issue 21249)
Added option to prohibit anonymous access to security realm "Logged in users can do anything", enable by default. (issue 30749)
Renamed 'slave' to 'agent' on the UI. (issue 27268)
Improvements to inline documentation of numerous form fields in Jenkins global and job configuration. (issue 33364)
Change default CSRF protection crumb name to Jenkins-Crumb for nginx compatibility. (issue 12875)
Enforce correct icon size in list view. (issue 33799)
CLI: Fixed NPE when non-existent run is requested. (issue 33942)

What's new in 1.656 (2016/04/03)

Advertise the correct JNLP port when using the system property override. (pull 2189)
Pipeline runs not reliably started after restart when using Build after other projects are built. (issue 33971)
Prevent badges in build history sidepanel widget from overlapping page contents. (issue 33826)
Developer API: Allow putting @Initializer annotations on instance methods. (pull 2176)
Core development: Rerun failing tests rather than ignoring flaky tests. (pull 2188)
Core development: Prevent leaking threads due to NioChannelSelector. (pull 2176)

What's new in 1.655 (2016/03/27)

Downgrade Stapler to 1.239 to fix remote API issues. (issue 33546, issue 33605)
Plugin filters were failing to be removed and blocking restart. (issue 33681)
Do not hardcode .bat extension for Maven on Windows. (issue 33693)
Reduce log level of UncaughtExceptionHandler message on startup. (pull 2171)
Don't store redundant build causes, make list of build causes immutable. (issue 33467)
Developer API: Add Fingerprint.getXStream(). (pull 2163)
Core Development: Add the .mvn directory and set default -Xmx value. (pull 2162)

What's new in 1.654 (2016/03/21)

Improve logging and error message when JNLP is already in use. (issue 33453)
NullPointerException from BuildTrigger$DescriptorImpl.doCheck when using Build other projects in Promotion process of a CloudBees template, and perhaps other circumstances. (issue 32525)
Improved the Build Other Projects help message. (issue 32134)
FutureImpl.cancel() doesn't cancel the linked job. (issue 33038)
Reject malformed range syntax in fingerprints data. (issue 33037)
Do not fail update center check if there are no tool installers defined. (issue 32831)
Log otherwise unhandled exceptions when threads die. (issue 33395)
Do not specifically require .NET framework 2.0 since 4.0 will do as well. (issue 21484)

What's new in 1.653 (2016/03/13)

Support encrypted communication between controller and JNLP agents. (issue 26580)
Fix argument masking for sensitive build variables on Windows. (issue 28790)
More compact representation of redundant build causes. (issue 33467)
Developer API: Jenkins.getInstance() cannot be null anymore. Introduced Jenkins.getInstanceOrNull().

What's new in 1.652 (2016/03/06)

Under some conditions Jenkins startup could fail because of incorrectly linked extensions; now recovering more gracefully. (issue 25440)
Developer API: Add WorkspaceList.tempDir(…). (issue 27152)

What's new in 1.651 (2016/02/28)

Move periodic task log files from JENKINS_HOME/*.log to JENKINS_HOME/logs/tasks/*.log and rotate them periodically rather than overwrite every execution. (issue 33068)
Fix documentation of proxy configuration. (pull 2060)

What's new in 1.650 (2016/02/24)

Important security fixes (security advisory)

What's new in 1.649 (2016/02/21)

Allow changing the directory used for the extraction of plugin archives via the --pluginroot CLI option (also controllable via the hudson.PluginManager.workDir system property / context parameter. Also document the --webroot CLI parameter in java -jar jenkins.war --help (issue 32765)
Unify CLI exit code semantics. (issue 32273)
ArrayIndexOutOfBoundsException when parsing range set. (issue 32852)
Improved Polish translation. (pull 2041, pull 2044)

What's new in 1.648 (2016/02/17)

Improved Czech and Polish translation. (pull 2008, pull 2017, pull 2018)
Generate new instance identity file when the existing one is found to be corrupt. (issue 29240)

What's new in 1.647 (2016/02/04)

Retrieve tool installer metadata from all update sites. (issue 32328)

What's new in 1.646 (2016/01/25)

The official parent POM for plugins is now hosted in the plugin-pom repository, starting with version 2.0. (issue 32493)
Under some conditions a build record could be loaded twice, leading to erratic behavior. (issue 22767)
Fields on the parameters page are no longer aligned at the bottom. (issue 31753)
Added missing translations for Polish language. (pull 1986)

What's new in 1.645 (2016/01/18)

Cleanup of CLI error handling and return codes. (issue 32273)
Boot failure hook script did not work, WebAppMain.contextDestroyed produces weird errors. (issue 24696)
Don't request usage statistics update if Jenkins hasn't finished loading. (issue 32190)
Split test harness into separate artifact. (issue 32478)
Fix encoding of some help files. (pull 1975)
Remove JUnit dependency pulled in from JLine. (pull 1981)
Pass $it to contents of dropdownDescriptorSelector. (issue 19565)

What's new in 1.644 (2016/01/10)

API changes: Add a reusable implementation of IdleOfflineCause class. (commit 7e05b50)
Add time zone to generation date in footer in most locales. (issue 32194)
Prevent renaming nodes from overwriting existing nodes. (issue 31321)
Avoid synchronization when setting/getting the list of JDKs to improve performance. (issue 31932)
The Windows service wrapper now specifies the --webroot argument to extract the war file into %BASE%. (pull 1951)

What's new in 1.643 (2015/12/20)

Fix when multiple clouds are set up and provisioning of a node is denied. (issue 31219)
Allow retrying core update when the first attempt failed. (issue 11016)
Allow specifying the default TCP agent listener port via system property. (commit 653fbdb)

What's new in 1.642 (2015/12/13)

Various kinds of settings could not be saved since 1.640. (issue 31954)

What's new in 1.641 (2015/12/09)

Important security fixes (security advisory)

What's new in 1.640 (2015/12/07)

Added support of default values in the enum.jelly form element. (PR 1926)
Bytecode Compatibility Transformer computes the common super class without loading classes. Fixes the ClassCircularityError exception in Ruby Runtime Plugin. (issue 31019)
Extended Choice parameter definitions could not be saved since 1.637. (issue 31458)
Display expected CRON run times even if a warning occurs. (issue 29059)
Rework the online-node command implementation, no functional changes. (issue 31776)
Fix the footer behavior in particular cases. (issue 30304, issue 31395)
API changes: Deprecate subclassing of hudson.Plugin. (PR 1940)

What's new in 1.639 (2015/11/29)

“Discard old builds” setting would be lost if resaving job configuration as of 1.637 without rechecking the box. (issue 31518)
“Form too large” errors from Jetty when submitting massive forms. (issue 20327)
Multiple workspace browser features broken on Windows controllers since 1.634. (issue 31015)

What's new in 1.638 (2015/11/11)

Important security fixes (security advisory)

What's new in 1.637 (2015/11/08)

Remove useless warnings about a JDK named null. (issue 31217)
New OptionalJobProperty class to simplify JobProperty creation. (pull 1888)

What's new in 1.636 (2015/11/01)

Add "lastCompletedBuild" job permalink. (issue 26270)

What's new in 1.635 (2015/10/25)

Make Node implement Saveable. (issue 31055)
Revert trigger optimizations made in 1.621 by PR 1617. (issue 30745)
Delegate CLI's delete-node command to the overridable Computer.doDoDelete() method. Fixes the issue in OpenStack and JClouds plugins. (issue 31098, regression in 1.618)
Prevent autocorrect of username on mobile devices in login forms. (PR 1531)
Describe the built-in JDK as "(System)". (issue 755)
Update JNA library to 4.2.1 in order to integrate fixes for linux-ppc64 and linux-arm platforms. (issue 15792)

What's new in 1.634 (2015/10/18)

Fix order of builds in new builds history widget introduced in 1.633. (issue 30899)
Bytecode Compatibility Transformer would fail to transform some classes resulting in ClassNotFoundException. (issue 30820)
Prevent ClassCastException in AbstractBuild::reportError() if the build step is not Publisher. (issue 30730)
Trim job names during the rename operation (it is impossible to delete or rename jobs with trailing spaces). (issue 30502)
Add "graphBg" and "plothBg" background color options to plot URLs (PR 1769)
API changes: Add get method for causes of interruption in hudson.model.Executor (PR 1712)
Allow case insensitive file patterns in Artifacts Archiving. (issue 5253)
Prevent NullPointerException while estimating duration of Queue executable items. (issue 30456)
Fix the resolution of Windows symbolic links in SecretRewriter. (issue 30456)
Let a combobox display its drop-down when focused, so users can see candidates without entering a letter. (issue 26278)

What's new in 1.633 (2015/10/11)

Added safari pinned tab icon. (discussion)
Plugin Manager UI changes to prevent users from enabling/disabling/uninstalling plugins at the "wrong" time. (issue 23150)
bytecode-compatibility-transformer produces malformed bytecode. (issue 28781)
Properly handle RuntimeExceptions in run retention policy handler calls. (issue 29888)
Prevent NullPointerException in CLI if Jenkins cannot find the specified job or a job with the nearest name. (issue 30742)
Do not show REST API link for pages, which have no API handlers. (issue 29014)
JS alert preventing to leave a configuration page without changes. (issue 21720)
JS error triggered by collapsing build history widget. (issue 30569)
Build history pagination and search. (issue 26445)

What's new in 1.632 (2015/10/05)

Optimize TagCloud size calculation. (issue 30705)
FlyWeightTasks tied to a label will not cause node provisioning and will be blocked forever. (issue 30084)
Prevent NullPointerException for disabled builds in ReverseBuildTrigger. (issue 29876)
ConsoleLogFilter wasn't truly global (issue 30777)
API changes: hudson.Util.isOverridden() now supports protected methods. (issue 30002)
Sidepanel controls with confirmation (lib/layout/task) did not assign the proper CSS style. (issue 30787)

What's new in 1.631 (2015/09/27)

Add proper labels for plugin categories assigned to some plugins. (PR 1758)

What's new in 1.630 (2015/09/20)

Make JenkinsRule useable on systems which don't support JNA (issue 29507)

What's new in 1.629 (2015/09/15)

Old data monitor made Jenkins single-threaded for all saves. (issue 30139)

What's new in 1.628 (2015/09/06)

Replaced all non java.util.logging logging libraries with slf4j interceptors. (PR 1816)
Document allBuilds subtree in remote API for jobs. (PR 1817)

What's new in 1.627 (2015/08/30)

Race condition in triggers could cause various NullPointerExceptions. (issue 29790)
Archiving of large artifacts. Tar implementation cannot handle files having a size >8GB. (issue 10629)
Allow plugins to augment or replace the plugin manager UI. (PR 1788)

What's new in 1.626 (2015/08/23)

RunIdMigrator fails to revert Matrix and Maven jobs. (issue 29989)
Fix error message "Failed to listen to incoming slave connection" after fixing port through init.groovy.d. (issue 29798)

What's new in 1.625 (2015/08/17)

Fixed a deadlock between the old data monitor and authorization strategies. (issue 29936)
Allow rejecting configurations with errors in critical fields via REST / CLI. (issue 28440)
Do not display No changes if changelog is still being computed. (issue 2327)

What's new in 1.624 (2015/08/09)

Allow more job types to use a custom "Build Now" text. (issue 26147)

What's new in 1.623 (2015/08/02)

No notable changes in this release.

What's new in 1.622 (2015/07/27)

Jenkins now support self-restart and daemonization in FreeBSD (PR 1770)
Node provisioner may fail to correctly indicate that provisioning was finished. (issue 29568)

What's new in 1.621 (2015/07/19)

Sort by 'Free Disk Space' is incorrect. (issue 29286)
Label expression help is missing in recent Jenkins versions. (issue 29376)
Preemptively break memory cycles causing excessive live-set retention in remoting layer. (issue 28844)
Don't run trigger for disabled/copied projects. (PR 1617)

What's new in 1.620 (2015/07/12)

Display system info even when agent is temporarily offline. (issue 29300)

What's new in 1.619 (2015/07/05)

Update auto-installer metadata for newly installed plugins. (issue 27694)
Allow plugins to veto process killing. (issue 9104)

What's new in 1.618 (2015/06/29)

Fix deadlock in hudson.model.Executor. (issue 28690)
Don't truncate /consoleText output after fixed number of lines. (issue 14899)
Allow delete-* CLI commands to operate on multiple arguments. (issue 28041)
Prevent NullPointerException in Executor/causeOfDeath page if there is no exception details. (issue 25734)
Fixed synchronization issue when setting JDK installations. (issue 28292)
Fix several loggers which are identifying as the wrong class. (PR 1651)
Revert fix for issue 17290 due to the regressions it caused. (issue 28601)
Fix deadlock between hudson.model.Queue and hudson.model.Computer. (issue 28840)
Fix jobs getting stuck in the Queue when there exists a cycle of upstream/downstream blocks between them. (issue 28926)
Always use earlier start time when merging two equivalent queue items. (issue 2180)

What's new in 1.617 (2015/06/07)

Regression in build-history causing ball to not open console (issue 28704)
JNLP agents did not pick up changes to environment variables. (issue 27739)
NullPointerException in AbstractProject constructor if Jenkins nodes has not been loaded yet (issue 28654)

What's new in 1.616 (2015/05/31)

Job loading can be broken by NullPointerException in a build trigger (issue 27549)

What's new in 1.615 (2015/05/25)

Improper calculation of queue length in UnlabeledLoadStatistics causing overheads in Cloud agent provisioning (issue 28446)
Category titles in Available Plugins list appear wrong in reverse sort order (issue 17290)
CronTab API: Timezone support for scheduling (issue 9283)
NullPointerException when trying to reset Jenkins admin address (issue 28419)
Reduce the thread overhead in NodeMonitorUpdater (PR 1714)
Build history overflows (issue 28425)
Build History badges don't wrap (issue 28455)

What's new in 1.614 (2015/05/17)

ExtensionList even listener. (issue 28434)
NullPointerException computing load statistics under some conditions. (issue 28384)
Plugins using class loader masking did not work properly over the agent channel. (issue 27289)
DefaultJnlpSlaveReceiver now returns true when rejecting a takeover. (issue 27939)
Do not follow href after sending POST via l:task (issue 28437)

What's new in 1.613 (2015/05/10)

Update bundled LDAP plugin in order to restore missing help files (issue 28233)
hudson.model.Run.getLog() throws IndexOutOfBoundsException when called with maxLines=0 (issue 27441)

What's new in 1.612 (2015/05/03)

Jenkins now requires Java 7. (announcement, issue 28120)
Handle AbortException publisher status in the same way as deprecated false boolean status (issue 26964)
Ensures GlobalSettingsProvider does not swallow fatal exceptions (issue 26604)
add datestamp to node-offline message (issue 23917)
Larger minimum popup menu height. (issue 27067)
Descriptor.getId fix in 1.610 introduced regressions affecting at least the Performance and NodeJS plugins. (issue 28093 and issue 28110)
Under rare conditions Executor.getProgress() can throw a Division by zero exception. (issue 28115)
The Run from the command line option for launching a JNLP agent should display the configured JVM options. (issue 28111)

What's new in 1.611 (2015/04/26)

Descriptor.getId fix in 1.610 introduced a regression affecting at least the Copy Artifacts plugin. (issue 28011)
Search box did not work well inside folders. (issue 24433)
Revert changes in 1.610 made to resolve issue 10629. (issue 28012, issue 28013)
Advertise JNLP agents to the correct host name, even in the presence of a reverse proxy. (issue 27218)
Advertised TCP agent port number is made tweakable.
Correctly identify Channel listener onClose propagated exceptions (issue 28062

What's new in 1.610 (2015/04/19)

Since 1.598 overrides of Descriptor.getId were not correctly handled by form binding, breaking at least the CloudBees Templates plugin. (issue 26781)
Reverted in 1.611, reimplemented in 1.627. Archiving of large artifacts. Tar implementation cannot handle files having a size >8GB. (issue 10629)
The queue state was not updated between scheduling builds. (issue 27708, issue 27871)

What's new in 1.609 (2015/04/12)

When concurrent builds are enabled, artifact retention policy may delete artifact being used by an actually running build. (issue 27836)
Documentation for $BUILD_ID did not reflect current reality (issue 26520)

What's new in 1.608 (2015/04/05)

PeepholePermalink RunListenerImpl oncompleted should be triggered before downstream builds are triggered. (issue 20989)
NPE when /script used on offline agent. (issue 26751)
Make periodic workspace cleanup configurable through system properties. (issue 21322)
Do not offer to restart on /restart and /safeRestart if the configuration does not support it. (issue 27414)
Polling was skipped while quieting down, resulting in ignored commit notifications. This behavior was changed. (issue 26208)
Starting this version, native packages are produced from the new repository. File issues related to installers and packages in the packaging component.

What's new in 1.607 (2015/03/30)

JSONP served with the wrong MIME type and rejected by Chrome. (issue 27607)
Security file pattern whitelist was broken for some plugins since 1.597. (issue 27055)
Lock an Executor without creating a Thread (issue 25938)
Hide flyweight master executor when ≥1 heavyweight executors running as subtasks (issue 26900)
Way to mark an Executable that should not block isReadyToRestart (issue 22941)
Refactor the Queue and Nodes to use a consistent locking strategy (issue 27565) Note that this change involved moving agent definitions outside the main config.xml file. If you downgrade after this, your agent settings will be lost.
Makes the Jenkins is loading screen not block on the extensions loading lock (issue 27563)
AdjunctManager: exception upon startup (issue 15355)
Removes race condition rendering the list of executors (issue 27564)
Tidy up the locks that were causing deadlocks with the once retention strategy in durable tasks (issue 27476)
Remove any requirement from Jenkins Core to lock on the Queue when rendering the Jenkins UI (issue 27566)
Prevent lazy loading operation when obtaining label information. (issue 26391)
Ensure that the LoadStatistics return a self-consistent result. (issue 21618)
Build reports to be running for 45 yr and counting. (issue 26777)

What's new in 1.606 (2015/03/23)

Jenkins CLI doesn't handle arguments with equal signs (issue 21160)
controller/agent communication ping reacts badly if a clock jumps. (issue 21251)
JNLP agents can now connect to controller through HTTP proxy. (issue 6167)
Fixes to several security vulnerabilities. (advisory)

What's new in 1.605 (2015/03/16)

Integrate Stapler fix for queue item API always returning 404 Not Found since 1.601. (issue 27256)

What's new in 1.604 (2015/03/15)

Added a switch (-Dhudson.model.User.allowNonExistentUserToLogin=true) to let users login even when the record is not found in the backend security realm. (issue 22346)
Avoid deadlock when using build-monitor-plugin. (issue 27183)
As security hardening, mark "remember me" cookie as HTTP only (issue 27277)
Show displayName in build remote API. (issue 26723)

What's new in 1.602 (2015/03/08)

Show Check Now button also on Available and Updates tabs of plugin manager. (PR 1593)

What's new in 1.601 (2015/03/03)

Regression with environment variables in 1.600. (issue 27188)
Errors with concurrent matrix builds since 1.597. (issue 26739)
Errors in Dashboard View plugin since 1.597. (issue 26690)
Robustness improvement when setting up Archive Artifacts programmatically. (issue 25779)
Map Queue.Item.id onto Run (issue 27096)

What's new in 1.600 (2015/02/28)

Fixes to multiple security vulnerabilities. (security advisory)
JDK auto-installer for Mac OSX
An error thrown in the wrong place in a publisher could result in a failure to release a workspace lock. (issue 26698)
Cache node environment to prevent unnecessary channel usage (issue 26755)
Build history text field wrap fails when containing markup (issue 26406)
Maven build step fail to launch mvn process when special chars are present in build variables. (issue 26684)

What's new in 1.599 (2015/02/16)

Errors in some Maven builds since 1.598. (issue 26601)
Build format change migrator in 1.597 did not work on some Windows systems. (issue 26519)
Remote FilePath.chmod fails with ClassNotFoundException: javax.servlet.ServletException. (issue 26476)
Added SimpleBuildWrapper API. (issue 24673)
Animated ball in job's build history widget won't open Console Output. (issue 26365)
Show job name in Schedule Build column tool tip. (issue 25234)
Allow OldDataMonitor to discard promoted-build-plugin Promotions (issue 26718)

What's new in 1.598 (2015/01/25)

FutureImpl does not cancel its start future. (issue 25514)
Flyweight tasks were under some conditions actually being run on heavyweight executors. (issue 10944) (issue 24519)
Folder loading broken when child item loading throws exception. (issue 22811)
Plugin icon images were broken when running Jenkins from a UNC path. (issue 26203)
Allow admin signup from /manage as well. (issue 26382)
Amend JAVA_HOME check to work with JDK 9. (issue 25601)
CLI list-jobs command should display raw name, not display name, where they differ. (issue 25338)
Show queue item parameters in tool tip. (issue 22311)
Better support functional tests from Gradle-based plugins. (issue 26331)
Allow users to delete builds even if they are supposed to be kept. (issue 26281)
Fixed side/main panel scrolling issues. (issue 26312, issue 26298, issue 26306)
Improve error reporting when channel closed during build. (issue 26411)
Fixed CodeMirror issue with height and re-enabled syntax highlighting in shell build step. (issue 25455, issue 23151)

What's new in 1.597 (2015/01/19)

JENKINS_HOME layout change: builds are now keyed by build numbers and not timestamps. See Wiki for details and downgrade. (issue 24380)
Do not throw exception on /signup when not possible. (issue 11172)
Tool installer which downloads and unpacks archives should not fail the build if the tool already exists and the server returns an error code. (issue 26196)
Fingerprint compaction aggravated lazy-loading performance issues. (issue 19392)
Possible unreleased workspace lock if SCM polling fails during setup. (issue 26201)
Misleading description of the 'workspace' permission. (issue 20148)
Run parameters should show display name if set, rather than build numbers. (issue 25174)
Add range check for H(X-Y) syntax. (issue 25897)

What's new in 1.596 (2015/01/04)

Build page was broken in Hungarian localization while building. (issue 26155)
Allow breaking label and node lists. (issue 25989)

What's new in 1.595 (2014/12/21)

Spurious warnings in the log after deleting builds. (issue 25788)
Master labels disappear when system configuration is updated. (issue 23966)
Updated icon-set dependency to version 1.0.5. (issue 25499, issue 25498)

What's new in 1.594 (2014/12/14)

After recent Java security updates, Jenkins would not gracefully recover from a deleted secrets/master.key. (issue 25937)
Restrict where this project can be run regressed in 1.589 when using the ClearCase plugin. (issue 25533)

What's new in 1.593 (2014/12/07)

Dynamic Single/Multi line Build History layout. (issue 25381, issue 25393, issue 24687, issue 24589)

What's new in 1.592 (2014/11/30)

Performance problems on large workspaces associated with validating file include patterns. (issue 25759)

What's new in 1.591 (2014/11/25)

Always use forward slashes in path separators during in ZIP archives generated by Directory Browser (issue 22514)

What's new in 1.590 (2014/11/16)

Basic Authentication in combination with Session is broken (issue 25144)
Some plugins broken since 1.584 if they expected certain events to be fired under a specific user ID. (issue 25400)
Fixed various real or potential resource leaks discovered by Coverity Scan (pull request 1434)
API changes: Expose AbstractProject.AbstractProjectDescriptor#validateLabelExpression for plugins. (pull request 1456)
API method to aggregate multiple FormValidations into one. (pull request 1458)
API method to get non-null Jenkins instance with internal validation (issue 23339)

What's new in 1.589 (2014/11/09)

JNA error in WindowsInstallerLink.doDoInstall. (issue 25358)
Restore compatibility of label assignment for some plugins. (issue 25372)

What's new in 1.588 (2014/11/02)

Unnecessarily slow startup time with a massive number of jobs. (issue 25473)
Custom workspace option did not work under some conditions. (issue 25221)

What's new in 1.587 (2014/10/29)

Queue didn't always leave a trail for cancelled items properly (issue 25314)
JNA update for deprecated JNA-POSIX library. (issue 24527)
Introduced agent-to-controller security mechanism to defend a controller from agents. (SECURITY-144, security advisory)

What's new in 1.586 (2014/10/26)

Bumping up JNA to 4.10. This is potentially a breaking change for plugins that depend on JNA 3.x (issue 24521)
Prevent empty file creation if file parameter is left empty. (issue 3539)
Servlet containers may refuse to let us set secure cookie flag. Deal with it gracefully. (issue 25019)
Existing FileParameters should be handled as different values to avoid merging of queued builds (issue 19017)

What's new in 1.585 (2014/10/19)

Build health computed repeatedly for a single Weather column cell. (issue 25074)
Missing workspace page should use 404 status code. (issue 10450)
Fixed memory leak occurring on pages producing incremental output with a progress bar. (issue 25081)
Updated SSH Build Agents plugin to 1.8.
Due to the reaction, default umask in debian package is set back to 022 (issue 25065)
Greater-than characters are not escaped in HTML outputs like e-mails (issue 16184)
Thread starvation from OldDataMonitor. (issue 24763)
Integer overflow in quiet-down timeout calculation (issue 24914)
Don't put session IDs in URLs even when cookies are disabled. (issue 22358)
Show keep build log reason in tool tips (pull request 1422)
Do not disable projects, which do not support such operation (like Matrix configurations) (issue 24340)
Improved the scalability of SSH Build Agents plugin caused by global lock in SecureRandom (issue 20108)
Incorporated a fix for "Poodle" (CVE-2014-3566) vulnerability in the HTTPS connector of "java -jar jenkins.war" (issue 25169)

What's new in 1.584 (2014/10/12)

Diagnostic thread names are now available while requests are still in filters
When killing Windows processes, check its critical flag to avoid BSoD (issue 24453)
When a user could not see a view, but could delete/move/rename jobs contained in it, the view was not properly updated. (issue 22769)
Use POST for cancel quiet down link. (issue 23020, issue 23942)
Do not consider port in use error to be a successful start of Jenkins on Debian. (issue 24966)

What's new in 1.583 (2014/10/01)

Fixes to multiple security vulnerabilities. (security advisory)

What's new in 1.582 (2014/09/28)

Channel reader thread can end up consuming 100% CPU. (issue 23471)
CancelledKeyException can cause all JNLP agents to disconnect (and the problem remains until restart). (issue 24050)
Consider dynamic label assignments for label load statistics. (issue 15576)
Use Windows line endings for batch file build steps. (issue 7478)
Reduced the logging clutter about the lack of @ExportedBean. (issue 24458)
Character encoding problem in form submission when file parameters are present. (issue 11543)
Improved error handling and "in-progress" UI feedback in JNLP agent to service installation.
Winstone 2.4: reverse proxy support in the logging, request header size limit control, and different private key password from keystore password. (issue 23665)
umask setting on Debian did not work. (pull 1397)
handle job move when buildDir is configured to a custom location. (issue 24825)

What's new in 1.581 (2014/09/21)

Use slightly larger Jenkins head icon. (pull 1360)
Allow setting a system property to disable X-Frame-Options header. (issue 21881)
Explicitly set background color of various UI elements to white. (issue 24625)
Wrong Hebrew localization resulted in broken console output since 1.539. (issue 24614)

What's new in 1.580 (2014/09/14)

Health reports saved to disk before 1.576 showed no weather icon since that version. (issue 24407)
Renaming jobs fails if parent dir of custom build records directory does not exist. (issue 19764)
Add editable descriptions for label atoms. (issue 6153)

What's new in 1.579 (2014/09/06)

ConcurrentModificationException in RunListProgressiveRendering. (issue 21437)
StackOverflowError for some old SCMListeners. (issue 23522)
Job status page shows "Build has been executing for null on master" for flyweight tasks. (issue 20307)
File locking issue when running functional tests on Windows. (issue 21977)
Tolerate ?auto_refresh in reverse proxy check on /manage page. (issue 24014)
Debian package now sets umask to 027 by default for better default privacy. See /etc/default/jenkins to change this. (issue 24514)

What's new in 1.578 (2014/08/31)

Added 'no-store' to the 'Cache-Control' header to avoid accidental information leak through local cache backup (issue 24337)
Deadlock in OldDataMonitor. (issue 24358)
Use absolute links for computer sidepanel items so they don't break as easily. (issue 23963)

What's new in 1.577 (2014/08/24)

Failure to migrate legacy user records in 1.576 properly broke Jenkins, resulted in NullPointerExceptions. (issue 24317)
Jenkins did not correctly display icons contributed by plugins in 1.576. (issue 24316)
Moved JUnit reporting functionality to a plugin. (issue 23263)
Fixed ClassCastException on org.dom4j.DocumentFactory (issue 13709)
Jenkins now logs warnings when it fails to export objects to XML/JSON. This can result in a lot of log output in case of heavy API use. We recommend that API users use the ?tree parameter instead of ?depth. (commit)
Allow BuildStep to work with non-AbstractProject (issue 23713)
Improved class loading performance when using Groovy. (issue 24309)
Prevent NullPointerException from Executor.run. (issue 24110)
Make the lifetime of queue items cache configurable. (issue 19691)
Support --username/--password authentication for CLIMethod based CLI commands. (issue 23988)
Don't link to /safeRestart after update if Jenkins cannot restart itself. (issue 24032)
Properly consider busy executors when reducing a node's executor count. (issue 24095)

What's new in 1.576 (2014/08/18)

Worked around "incompatible InnerClasses attribute" bug in IBM J9 VM (issue 22525)
Fixed a file descriptor leak with CLI connections. (issue 23248)
Fixed a regression that removed all users with uppercase letters in the user name since 1.566. (issue 23872)
Improving security of set-build-parameter and set-build-result CLI commands. (issue 24080)
Startup can be broken by deeply recursive causes in build records. (issue 24161)
Displaying unabridged test result trend on project index page defeated lazy loading. (issue 23945)
Added support for host:port format in X-Forwarded-Host header. (commit 19d8b80)
API to launch processes without printing the command line. (issue 23027)
Added option to increase impact of test failures on the weather report. (issue 24006)
Modernized sidebar <l:pane>s and making them work better with new layout. (issue 23810, issue 23829)
Add option to CLI to skip key authentication (e.g. when there's a password on the default key). (issue 23970)
Modernize tabBar and bigtable. Makes the project view look better. Same for Plugin Manager. (issue 24030)

What's new in 1.575 (2014/08/10)

Move option to fingerprint artifacts to Archive the Artifacts, Advanced options. (commit f43a450)
Move option to keep dependencies (builds) from Fingerprint to Advanced Project Options. (commit a8756c6)
Improved validation of Build Record Root Directory setting. (issue 14538)
Indicate which node the workspace being viewed is on. (issue 23636)
Show full project name for projects in folders. (issue 22971)
UI redesign: Shrink the top bar, change logo, changed links in top bar. (pull 1327, (pull 1328)
Killing processes started by builds on Unix was broken as of 1.553. (issue 22641)
Should not stop a build from finishing just to compute JUnit result difference to a prior build which is still running. (issue 10234)
Do not show link to System Information page for offline agents, make page more robust when offline. (issue 23041)
Fix link to SCM polling log from downstream job cause. (issue 18048)
Autocomplete logger names. (issue 23994)
UI redesign: Fix links in header bar when logged in.
Do not show changes for the build at the lower bound of the changes list. (issue 18902)
Restrict access to SCM trigger status page to administrators. (pull 1282)

What's new in 1.574 (2014/07/27)

UI redesign: Use Helvetica as default font (pull 1315, issue 23840)
Synchronization issue during tool installation (issue 17667)
Use native encoding for filenames in downloaded ZIPs. (issue 20663)

What's new in 1.573 (2014/07/20)

UI redesign: Changed element alignment, removed sidebar link underlines (pull 1314, pull 1316)
Word-break links in build logs to preserve page width (pull 1308)
Log rotation fails with "...looks to have already been deleted" (issue 22395)
Fixed unnecessary eager loading of build records in certain code path. (issue 18065)

What's new in 1.572 (2014/07/13)

UI redesign: Changed header, made layout <div>-based and responsive (pull 1310)
Improved handling of X-Forwarded-* headers (issue 23294)
Do not offer automatic upgrade if war parent directory is not writable (issue 23683)

What's new in 1.571 (2014/07/07)

IllegalArgumentException from AbstractProject.getEnvironment when trying to get environment variables from an offline agent. (issue 23517)
Overall.READ is sufficient to access /administrativeMonitor/hudsonHomeIsFull/ (SECURITY-134)
Master computer is not notified using ComputerListener (issue 23481)

What's new in 1.570 (2014/06/29)

Add CLI commands to add jobs to and remove jobs from views (add-job-to-view, remove-job-from-view). (issue 23361)
UI improvements / refreshing. (issue 23492)
Failed to correctly resave a project configuration containing both a forward and a reverse build trigger. (issue 23191)
Long log output resulted in missing Console link in popup. (issue 14264)
HTTP error 405 when trying to restart ssh host. (issue 23094)
Move 'None' Source Code Management option to top position. (issue 23434)
Fixed NullPointerException when ArtifactArchiver is called for a build with the undefined status. (issue 23526)
Allow disabling use of default exclude patterns in ArtifactArchiver (.git, .svn, etc.). (issue 20086)
Fixed NullPointerException when "properties" element is missing in a job's configuration submission by JSON (issue 23437)

What's new in 1.569 (2014/06/23)

Jenkins can now kill Win32 processes from Win64 JVMs. (issue 23410)
Allow custom security realm plugins to fire events to SecurityListeners. (issue 23417)
Recover gracefully if a build permalink has a non-numeric value. (issue 21631)
Fix form submission via the Enter key for Internet Explorer version 9. (issue 22373)
When Jenkins had a lot of jobs, submitting a view configuration change could overload the web server, even if few of the jobs were selected. (issue 20327)

What's new in 1.568 (2014/06/15)

Fixed JNLP connection handling problem (issue 22932)
Fixed NullPointerException caused by the uninitialized ProcessStarter environment in build wrappers (issue 20559)
Support the range notation for pagination in API (issue 23228)
Incorrect redirect after deleting a folder. (issue 23375)
Incorrect links from Build History page inside a folder. (issue 19310)
API changes allowing new job types to use SCM plugins. (issue 23365)
API changes allowing to create nested launchers (DecoratedLauncher) (issue 19454)

What's new in 1.567 (2014/06/09)

Fixed a reference counting bug in the remoting layer. (commit)
Avoid repeatedly reading symlinks from disk to resolve build permalinks. (issue 22822)
Show custom build display name in executors widget. (issue 10477)
CodeMirror support for shell steps broke initial configuration. (issue 23151)
Jenkins on Linux can not restart after plugin update when started without full path to java executable (issue 22818)
Fixed NullPointerException when a build triggering returns null cause (issue 20499)
Fixed NullPointerException on plugin installations when invalid update center is set (issue 20031)
Use DISABLED_ANIME icon while building a disabled project (issue 8358)
Process the items hierarchy when displaying the Show Poll Thread Count option (issue 22934)
Compressed output was turned on even before Access Denied errors were shown for disallowed Remote API requests, yielding a confusing error. (issue 17374) (issue 18116)
Properly close input streams in FileParameterValue (issue 22693)
Incorrect failure age in the JUnit test results (issue 18626)
Fixed deletion links for JVM Crash error logs (issue 22617)
Distinguish "nodes for label offline" from "no nodes for label" (issue 17114)
Add causes to queue item tool tip (issue 19250)
RPM: added JENKINS_HTTPS_KEYSTORE and JENKINS_HTTPS_KEYSTORE_PASSWORD options to Jenkins sysconfig file (issue 11673)
RPM: Do not install jenkins.repo file (issue 22690)
Don't advertise POSTing config.xml on master (issue 16264)
Handle null parameter values to avoid massive executor deaths (issue 15094)
Added an option to archive artifacts only when the build is successful (issue 22699)

What's new in 1.566 (2014/06/01)

Configurable case sensitivity mode for user IDs. (issue 22247)
Extension point for project naming strategies did not work from actual plugins. (issue 23127)
Introduce directly modifiable views (issue 22967)
Jenkins cannot restart Windows service (issue 22685)

What's new in 1.565 (2014/05/26)

Misleading error message trying to dynamically update a plugin (which is impossible) on an NFS filesystem. (issue 12753)
Updated component used by the swap space monitor to better support Debian and AIX.
SSH build agent connections die after the agent outputs 4MB of stderr, usually during findbugs analysis (issue 22938)
Polling no longer triggers builds (regression 1.560) (issue 22750)
Allow markup formatter to be selected without enabling security. (issue 22028)
Fixed localization of build environment variable help. (issue 22867)

What's new in 1.564 (2014/05/19)

Improve list view performance on large instances with folders. (issue 22720)
Add indicator when build queue is filtered. (issue 22698)
Update bundled Matrix project plugin to 1.2 fixing issues introduced in 1.561. (issue 22879, issue 22798)

What's new in 1.563 (2014/05/11)

Memory exhaustion in remoting channel since 1.560. (issue 22734)
Configurable size for log buffer. (issue 22840)
Gesture to clear log buffer. (issue 22839)
Prevent up to two-minute delay before scheduling jobs from a cron trigger. (pull request 1216)
Occasional attempts to delete a build during log rotation which had already been deleted. (issue 22395)
Again show proper display names for build parameters. (issue 22755)

What's new in 1.562 (2014/05/03)

Next build link was not reliably available from a previous build after starting a new one. (issue 20662)
Debian postinst: check for present user/group before adding them. (issue 22715)
Add distance between time tick labels on load statistics. (issue 22686)
Correctly show load statistics for master node. (issue 22689)
Make load statistics graph font configurable, use sans serif font by default. (issue 22688)
Add links to nodes on thread dump page for easier navigation. (issue 22672)

What's new in 1.561 (2014/04/27)

Fixed a corner case handling of tool installation. (issue 16846)
Enabled log rotation on the OSX package (issue 15178)
When measuring the length of the queue, jobs that consist of multiple subtasks should count as more than 1. (pull request 742)
Close drop-down button menu when clicking outside (issue 17050)
RunParameter with filtering enabled incorrectly includes builds which have not yet completed (issue 20974)
Fixed NPE if RunParameterValue points to a stable build. (issue 20857)
Fixed a JavaScript problem in sortable table with IE8. (issue 21729)
More efficient deletion of old builds (specified by date). (issue 22607)
The matrix project type was moved into its own plugin.
Linkage errors in notifiers could leak workspace leases. (issue 21622)
Better correction of the anomalous condition that several builds of a job specify the same number. (issue 22631)
Under certain conditions, a running build could mistakenly be shown as completed (and failed), while still producing output. (issue 22681)
Fix a bug which only showed the first detail part for radio buttons. (issue 22583)
Update version of bundled Mailer plugin to 1.8 to avoid issues with older versions
Show larger load statistics graphs. (issue 22674)
Linebreak project names less aggressively. (issue 22670)
Added a new extension point for more pluggable JNLP agent handling
Don't ask for confirmation when it doesn't make any sense. (issue 21720)
Jenkins asks for confirmation before leaving form even though user is not authorized to make changes. (issue 20597)
Make the computers monitor status row look different from regular node rows. (pull request 1095)
Do not offer "Install without restart" for plugin updates. (pull request 1125)
Require POST on more actions. (pull request 877)
Optimize image sizes. (pull request 648)
Properly close resources in case of exceptions. (pull request 737)
Fix warning on JBoss AS7 due to unnecessary xpp3_min dependency. (pull request 733)
Return queue item location when triggering buildWithParameters. (issue 13546)

What's new in 1.560 (2014/04/20)

Enforcing build trigger authentication at runtime by checking authentication associated with a build, rather than at configuration time. For compatibility, enforcement is skipped by default; you must install the Authorize Project plugin or similar for this to take effect. The “upstream pseudo trigger” was also removed in favor of a true trigger configured on the downstream project; you may use either the post-build action or the trigger according to where you want this configuration stored, and who is authorized to change it. (issue 16956)
Fixed NPE from view new job name autocompletion since 1.553. (issue 22142)
Deadlocks in concurrent builds under some conditions since 1.556. (issue 22560)
JNLP agents are now handled through NIO-based remoting channels for better scalability.
Integrated codemirror v2.38. (issue 22582)
Listing plugins shortly after installation throws ConcurrentModificationException. (issue 22553)
Fixed NoSuchMethodException when destroying processes using JDK1.8. (issue 21341)
Avoid irrelevant job queuing while node is offline. (issue 21394)
Debian package now creates 'jenkins' group
Suppress fingerprint link if fingerprint record isn't available. (issue 21818)
Job hangs if one of multiple triggered builds was aborted (issue 21932)
Don't submit form on Save after Apply in new window on some browsers. (issue 20245)
Remotely triggered builds now show correct IP address through proxy. (issue 18008)

What's new in 1.559 (2014/04/13)

Agents connected via Java Web Start now restart themselves when a connection to Jenkins is lost. (issue 19055)
Fixed NPE from Slave.createLauncher. (issue 21999)
Faster rendering of views containing many items. (issue 18364)

What's new in 1.558 (2014/04/06)

Cron-style trigger configuration will now display expected prior and subsequent run times.
Incorrect filtering of build queue and executors widgets after 1.514. (issue 20500)
NoSuchMethodError: hudson.model.BuildAuthorizationToken.checkPermission(…) from Build Token Root plugin since 1.556. (issue 22382)
Allow a Trigger to be a DependencyDeclarer. (issue 22397)
Fixed a slow down in resource loading caused by fix to JENKINS-18677. (issue 21579)
jenkins.war file shouldn't be exploded into /tmp (issue 22442)
Fixed NPE in UserCause (issue 21875)
Added RobustMapConverter. (issue 22398)
JNLP agents now satisfies stricter requirements imposed by JDK7u45. (issue 20204)
Fixed NPE executing Pipe.EOF with ProxyWriter (issue 20769)

What's new in 1.557 (2014/03/31)

Fixed ArrayIndexOutOfBoundsException in XStream with Oracle JDK8 release version (issue 18537)
Corrected permission checks for copy-job and create-job CLI commands. (issue 22262)
identity.key, used to secure some communications with Jenkins, now stored encrypted with the master key.
When dynamically loading a plugin which another loaded plugin already had an optional dependency on, class loading errors could result before restart. (issue 19976)
Memory leaks in the old data monitor. (issue 19544)
Ability for custom view types to disable automatic refresh. (issue 21190) (issue 21191)
Option to download metadata directly from Jenkins rather than going through the browser. (issue 19081)
Allow JDK8 (and other versions) to be downloaded by JDKInstaller correctly. (issue 22347)

What's new in 1.556 (2014/03/23)

Access through API token and SSH key login now fully retains group memberships. (issue 20064)
API changes allowing more flexibility in unusual job types. (issue 22131)
Job can be reloaded individually from disk with "job/FOO/reload" URL or "reload-job" CLI command

What's new in 1.555 (2014/03/16)

Jenkins should recover gracefully from a failure to process "remember me" cookie (issue 11643)
Fixed Up link in matrix projects (issue 21773)

What's new in 1.554 (2014/03/09)

Archiving of symlinks as artifacts did not work in some cases. (issue 21958)
Slow rendering of directories with many entries in remote workspaces. (issue 21780)

What's new in 1.553 (2014/03/02)

Build history widget only showed the last day of builds. (Due to JENKINS-20892, even with this fix at most 20 builds are shown.) (issue 21159)
Random class loading error mostly known to affect static analysis plugins. (issue 12124)
After restarting Jenkins, users known only from changelogs could be shown as First Last _first.last@some.org_, breaking mail delivery. (issue 16332)
CLI build -s -v command caused 100% CPU usage on the controller. (issue 20965)
Agent started from Java Web Start can now install itself as a systemd service.
Split the “raw HTML” markup formatter out of core into a bundled plugin.
Do not show Maven modules and matrix configurations in the Copy Job dialog. (issue 19559)
Fix autocompletion for items in folders. (pull request 1124)

What's new in 1.552 (2014/02/24)

Fixed handling of default JENKINS_HOME when storing CLI credentials (issue 21772)
Fixed broken action links on Label page (issue 21778)
Allow Actions to contribute to Labels' main page (issue 21777)
Expensive symlink-related calls on Windows can be simplified. (issue 20534)
Improve detection of broken reverse proxy setups.

What's new in 1.551 (2014/02/14)

Valentine's day security release that contains more than a dozen security fixes. (security advisory)
Regression in Windows agents since 1.547. (issue 21373)
Using java -jar jenkins-core.jar folder/external-monitor-job cmd … did not work. (issue 21525)
Jenkins crash on startup after upgrade from 1.546 to 1.548. (issue 21474)
f:combobox is narrow. (issue 21612)
The workspace cleanup thread failed to handle the modern workspace location on controller file system, and mishandled folders. (issue 21023)
Fixed missing help items on "Configure Global Security" page (issue 19832)
Sort groups on user index page alphabetically. (issue 21673)
Should not be able to create a job named . (period). (issue 21639)
Plugins implementing "AsyncPeriodicWork" can overwrite default logging level (pull request #1115)
Wrong log message for out-of-order build record repair. (issue 20730)
Existing Fingerprint Action is reused and not added a second time. (issue 19832)
TestObject doesn't replace '%' character (issue 21707)
"java -jar jenkins.war" should use unique session cookie for users who run multiple Jenkins on the same host.

What's new in 1.550 (2014/02/09)

Report number of all jobs as part of usage statistics (issue 21448)
Replace description in error dialog instead of appending (issue 21457)

What's new in 1.549 (2014/01/25)

Removing the "keep this build forever" lock on a build should require the DELETE permission. (issue 16417)
Files added to zip archive are closed properly. (issue 20345)
Broken CSS when reloading Jenkins after a time of inactivity (issue 17526)
Add Batch Command tool installer for Windows nodes. (issue 21202)
Allow more specific loggers to reduce log level. (issue 21386)

What's new in 1.548 (2014/01/20)

API for adding actions to a wide class of model objects at once. (issue 18224)
Added infrastructure for moving items into or out of folders. (issue 20008) (issue 18028) (issue 18680)
Apply buttons did not work in Internet Explorer in compatibility mode. (issue 19826)
Builds can seem to disappear from a job in a folder if that folder is renamed. (issue 18694)
/login offers link to /opensearch.xml which anonymous users cannot retrieve. (issue 21254)
Added API class SecurityListener to receive login events and similar. (issue 20999)
Option to hold lazy-loaded build references strongly, weakly, and more. (issue 19400)

What's new in 1.547 (2014/01/12)

Split Windows agent functionality into its own plugin.
NPE since 1.545 when using aggregated test result publisher without specifying downstream jobs explicitly. (issue 18410)
Fixed Trend Graph NPE when there isn't any builds (issue 21239)

What's new in 1.546 (2014/01/06)

Builds disappear after renaming a job. (issue 18678)
When clicking Apply to rename a job, tell the user that Save must be used instead. (issue 17401)
Exception from XStream running Maven builds on strange Java versions. (issue 21183)
When clicking Apply results in an exception (error page), show it, rather than creating an empty dialog. (issue 20772)

What's new in 1.545 (2013/12/31)

CannotResolveClassException breaks loading of entire containing folder, not just one job. (issue 20951)
Better robustness against XML deserialization errors. (issue 21024)
Minimizing disk I/O while loading the names of build records during Jenkins startup. (issue 21078)
Avoiding serializing the owning build as part of a test result action, as this can lead to errors later. (issue 18410)

What's new in 1.544 (2013/12/15)

RingBufferLogHandler throws ArrayIndexOutOfBoundsException after int-overflow. (issue 9120)
Jenkins shows 0GB free space when space available drops below 1GB. (issue 7776)
Added filter field for installed plugins tab. (issue 20219)
groovysh command did not work in authenticated Jenkins instances. (issue 17929)
Avoid eagerly loading all builds when displaying lists of them (Build History and Build Time Trend UIs). (issue 20892)
Error page should be visible even if the anonymous user does not have overall/read access. (issue 20866)
JavaScript errors when navigating away from a page with a build timeline widget while the timeline is loading. (pull request 1041)
Fixed a possible dead lock problem in deleting projects. (issue 19446)

What's new in 1.543 (2013/12/10)

HTML metacharacters not escaped in log messages. (issue 20800)

What's new in 1.542 (2013/12/02)

Improved error diagnosis for jzlib deflate problem. (issue 20618)
Improved error diagnosis for CLI stream corruption. (issue 18058)
Don't hold off building until saved for jobs copied from CLI. (issue 20744)
Allow build queue and executor status panes to be collapsed. (issue 5622)
Jenkins 1.540 just doesn't boot on Windows at all. (issue 20630)

What's new in 1.541 (2013/11/24)

Add option to create view by copying an existing one. (issue 13978)
Introduced the boot failure hook script that gets executed when Jenkins fails to start. (issue 20609)
Fixed "java.lang.NoClassDefFoundError: JarURLConnection" on OpenJDK (issue 20163)
FileAlreadyExistsException upon “deleted” symlink while (re)creating it. (issue 20610)
Allow background tasks to run simultaneously, preventing task blockage. (issue 19622)
Fixed failed tests displaying as Yellow in JUnit history plot (issue 7866)

What's new in 1.540 (2013/11/17)

CLI over HTTP was not working since 1.535. (issue 20128)
hudson appears in a the webpage title. (issue 14380)
Linkage error in InitializerFinder.discoverTasks blocks startup. (issue 20442)
Add Test button to check proxy connection (issue 20191)
Collect and report JVM crash dump files to assist trouble-shooting
ClassCastExceptions sometimes shown from views set to be recursive. (issue 20415)
Show different “up” link for jobs in folders. (issue 20106)
Add log handling line beginning with 'file://' as URL. (issue 19866)
Builds of a concurrently executable job might end up colliding on the same workspace. (issue 10615)
Fixed error during installation of .deb package (/var/run/jenkins doesn't exists) (issue 20407)
Global search box now remembers entered text (issue 18192)
Add extension point to allow plugins to contribute to the checking of assigned labels. (issue 20514)
Fixed issue where CLI required giving Overall read permission to anonymous. (issue 8815)
Jar cache option wasn't taking effect on JNLP agents. (issue 20093)
Interrupting remote class loading can lead to NoClassDefFoundError: Could not initialize class. (issue 19453)
Name channel executor threads for better diagnosability. (issue 19004)
Better diagnosability for remoting StreamCorruptedException (issue 8856)

What's new in 1.539 (2013/11/11)

Core started relying on Java6 API, completing Java5 -> Java6 migration. (discussion)
Adding a batch of contributed localization from the community.

What's new in 1.538 (2013/11/03)

Disabled, aborted, and not-build status now has different image names to allow themes to use different icons. (issue 19438)
Ask for confirmation if an user tries to leave an edited configuration page. (issue 19835)
Test failure summary appearance is improved. (issue 19884)
Added CLI commands that manipulate views (issue 19996)
Improved the /cli help screen. (issue 20023)
Polling-triggered jobs get scheduled en-mass on start-up if agents aren't online yet. (issue 8408)
Fixed the handling of nested variable expansion. (issue 20280)
NPE thrown from CLI build command under some circumstances. (pull request 979)
Fixed a bug in the compatibility transformer (since 1.527) that causes VerifyError in Ivy plugin and possibly others. (issue 19383)
Pass full list of all possible jobs to ViewJobFilter when recurse option is set (issue 20143)
get-job and update-job CLI commands can now work with folders, or indeed any AbstractItem. (issue 20236)
Added API allowing plugins to hide entries from the context menu even while they appear in the sidepanel. (issue 19173)

What's new in 1.537 (2013/10/27)

Upgrade bundled plugin versions: SSH Build Agents to 1.5, and Credentials to 1.9.1 (issue 20071)
Build button column was broken in 1.535 for parameterized builds. (issue 20080)
Miscalculation of environment variables caused some binaries (such as ssh) to not be found. (issue 19926)
Extension point for secure users of REST APIs (permitting JSONP and primitive XPath). (issue 16936)
“Run a build” link in page shown when no workspace existed for a job was not functional; unlinking.
Integer overflow could cause JavaScript functions to break in long-running Jenkins processes. (issue 20085)
Reverted the JENKINS-18629 fix in 1.536 as it causes various regressions in plugins. (issue 20262)

What's new in 1.536 (2013/10/20)

Fixed two file descriptor leaks. (issue 14336)
RuntimeException if you try to save a config with a choice parameter that has no choices. (issue 18434)
1.534 made ZIP downloads of artifacts work again, but missing a base directory inside the ZIP. (issue 19947)
Stapler error saving certain kinds of configuration. (issue 18629)
Upgrade Trilead SSH client library to version that does not cause connection loss when there is a lot of logging on the build agent and the performance improvements in SSH Build Agents Plugin 0.27+ are enabled ( issue 18836, issue 18879, issue 19619)
Upgrade bundled iplugin versions: SSH Build Agents to 1.4, SSH Credentials to 1.5.3 and Credentials to 1.8.3 (issue 19945)
Executor threads are now created only on demand.

What's new in 1.535 (2013/10/14)

Windows JDK installer failed in a path with spaces. (issue 19447)
Windows JDK installer should not install a public JRE. (issue 8957)
After deleting last build, next build of last build is zombie. (issue 19920)
Split matrix authorization strategies into an independent plugin.
UI Samples plugin fully separated from core. To view samples during plugin development or at any other time, just install from the update center.
View description should be clearly separated from the Jenkins system message. (issue 18633)
SCM polling sometimes broken since 1.527 due to a change in how environment variables are calculated. (issue 19307)
Breadcrumb bar moves away from header when scrolling past end of page on OS X. (issue 19803)
"java -jar jenkins.war" now runs on Jetty8. Command line options are still compatible. (issue 18366)
"java -jar jenkins.war" gets the "--spdy" option to enable SPDY.
Expand all/Collapse all functionality for artifact tree view. (pull request 616)
Visualize queued jobs in view. (pull request 531)

What's new in 1.534 (2013/10/07)

Default crumb issuer configurations saved in older releases did not load as of Jenkins 1.531. (issue 19613)
As of 1.532 download of artifact ZIPs was broken. (issue 19752)
Old copies of maven3-agent.jar on agents were not being reliably updated, leading to errors. (issue 19251)
Add option to disable "Remember me on this computer" checkbox in login screen. (issue 15757)
Added postCheckout method for SCMs (issue 19740)

What's new in 1.533 (2013/09/29)

Offer alternate error message for pattern-based project naming strategy. (pull request 914)

What's new in 1.532 (2013/09/23)

Working around a GZip compression bug in jzlib affecting transfer of certain large, repetitive artifacts. (issue 19473)
Lazy-loading bug: builds go missing. (issue 19418)
(re)create build number->id symlink if missing when updating permalink. (issue 19034)
Display the full display name in title for jobs and views. (pull request 884)
Added a new extension point to control where archived artifacts get stored. (issue 17236)
Use fine-grained permissions for node manipulation via REST API & CLI (issue 18485)
Make the link to the aggregated test result from the project page work. (issue 9637)

What's new in 1.531 (2013/09/16)

Deleting an external run did not immediately remove it from build list, leading to errors from log rotation. (issue 19377)
When copying a directory from controller to agent fails due to an error on the agent, properly report it. (issue 9540)
Identify user agent for Internet Explorer 11. (issue 19171)
Since 1.518, fingerprint serialization broke when job or file names contained XML special characters like ampersands. (issue 18337)
Robustness against truncated fingerprint files. (issue 19515)
JavaScript error in the checkUrl computation shouldn't break the job configuration page. (issue 19457)
Annotate the Advanced section if some fields are already customized. (issue 3107)
No events fired when project is enable/disable or the description is changed (issue 17108)

What's new in 1.530 (2013/09/09)

Send Maven agent JARs to agents on demand, not unconditionally upon connection. (issue 16261)
Occasional race condition during startup. (issue 18775)
Robustness against startup error for users of Global Build Stats plugin. (issue 17248)
404s from Javadoc and HTML Publisher plugins. (issue 19168)
Build number symlinks and permalinks not updated for Maven module builds. (issue 18846)

What's new in 1.529 (2013/08/26)

With Apache Maven 3.1 build, logging configuration from the Apache Maven distribution is not used.
Avoid log duplication with Apache Maven 3.1 builds
Ungraceful handling of empty matrix project axes. (issue 19135)
Updated Groovy to 1.8.9 to avoid GROOVY-4292.
CLI login command broken on Windows since 1.518. (issue 19192)
A malformed JUnit result file should mark that test suite as a failure, but not interrupt archiving of other tests. (issue 19186)
Build for $username now shows also build scheduled by user (issue 16178)

What's new in 1.528 (2013/08/18)

Command line now supports "--sessionTimeout" option for controlling session timeout
Form validation methods weren't getting triggered when one of its dependency controls change. (issue 19124)
When POST is required for some HTTP operation but GET was used, the response should have status code 405. (issue 16918)
Correct help text of Label field in automatic installation of tools in global configuration. (issue 19091)
Use Guice from Google rather than a fork
Jenkins does not invoke ProcessKillers for Windows (issue 19156)

What's new in 1.527 (2013/08/12)

Fixed NoSuchFieldError: triggers with older Maven plugin (issue 18677)
Added bytecode transformation driven compatibility ensurance mechanism (discussion)
Improve search to locate items inside folders. (pull request 848) (pull request 893)
Windows path separators not correctly escaped in Maven properties configuration. (issue 10539)
Improved EnvironmentContributor to support project-level insertion. (issue 19042)

What's new in 1.526 (2013/08/05)

HudsonAuthenticationEntryPoint can break CLI support, because the port isn't exposed properly. (issue 18634)
Report an user friendly error page if a deletion of a build fails. (pull request 827)
Maven build failure wasn't describing errors like Maven CLI does. (issue 15025)
MavenModuleSetBuild.getResult is expensive. (issue 18895)
Revisited fix to be compatible for plugins. (issue 18119)
Ensuring /log/all shows only INFO and above messages, even if custom loggers display FINE or below. (issue 18959)
Added a new monitor that detects and fixes out-of-order builds records. (issue 18289)
Added CLI command create-node. (issue 18282)
Can't build using maven 3.1.0 (issue 15935)
Fixed Winstone+mod_proxy_ajp+SSL combo issue. (issue 5753)
JENKINS_DEBUG_LEVEL misinterpreted by Winstone, causing excessive logging. (issue 18701)
Since 1.520, Jenkins requires Java 6 or later, breaking Maven builds set to use JDK 5. Now falls back to JVM of agent but sets compile/test flags to use defined JDK. (issue 18403)
Since 1.517, Maven projects using Maven 2 could not build projects using extensions depending on Apache Commons Codec. (issue 18178)
Test harness was packing copies of Maven into plugin archives under some conditions. (issue 18918)
Provided maven settings.xml in maven builder is lost. (issue 15976)
Exception when running polling with a Maven installation not defined on master. (issue 18898)
Since 1.477 GET on /view/…/config.xml included a spurious wrapper element. (issue 17302)
Clearer display of log messages: chronological order, and coloration of repeated vs. fresh metadata (date, log level, log source).
Fixed a regression that broke some plugins' form validation (issue 18776)
People View does Not Populate if JQuery plugin enabled. (issue 18641)

What's new in 1.525 (2013/07/29)

Same as 1.524; botched release.

What's new in 1.524 (2013/07/23)

Clock Difference broken on Manage Nodes page (issue 18671)
Fixed another possible cause of an NPE from MatrixConfiguration.newBuild. (issue 17728)
NPE in MavenFingerprinter.getArtifactRepositoryMaven21. (issue 18441)
More reliability improvement in remote agent reconnection.
Do not load disabled plugins as dependencies for other plugins. (issue 18654)

What's new in 1.523 (2013/07/14)

Fixed: claiming of tests doesn't work in Maven jobs (claim-plugin) (issue 14585)

What's new in 1.522 (2013/07/06)

Fixed a regression in the config form with some plugins (issue 18585)
Fixed a dead lock in the Project class and improved the signature of the persisted XML form a bit. (issue 18589)
Improved memory efficiency in parsing test reports with large stdio output files. (issue 15382)
Node monitoring now happens concurrently across all the agents, so it'll be affected less by problematic agents. (issue 18438)
Deadlock during Maven builds Parsing POM step (issue 15846)
If every node is restricted to tied jobs only, Matrix build jobs can never start.

What's new in 1.521 (2013/07/02)

Build with parameters returns empty web page (issue 18425)
Access denied error results in ERR_CONTENT_DECODING_FAILED on most browsers, masking the root cause. (issue 15437)
Fixed the controller/agent handshake problem when an agent runs on non-ASCII compatible encoding (such as EBCDIC.)
Added a diagnosis for StreamCorruptedException problem (issue 8856)
Matrix project's parent can be now tied to labels/agents. (issue 7825)
Clean up fingerprint records that correspond to the deleted build recods (issue 18417)
Fixed "Comparison method violates its general contract" error in BuildTrigger.execute (issue 17247)
Edited description wasn't reflected when pressing the "Apply" button. (issue 18436)
Fixed a regression in remoting since 1.519 that caused FindBugs plugins to break. (issue 18349, issue 18405)
Revisited the extension point added in 1.519 that adds custom plexus components.

What's new in 1.520 (2013/06/25)

Agent launch thread should have the background activity credential. (issue 15578)
“Build Now” link did not work for multijobs. (issue 16974)
Unix vs. Windows mode not correctly retained for command launchers under some conditions. (issue 18368)
Edit views with non-ASCII names did not work since 1.500. (issue 18373)
Fixed API incompatibility since 1.489. (issue 18356)
“Projects tied to agent” shows unrelated Maven module jobs. (issue 17451)
Fixed file descriptor leak in fingerprint computation. (issue 18351)
Test history was not shown if suite name was part of the test name. (issue 15380)
Added a new extension point to monitor the flow of stuff in the queue.
Added a new extension point to monitor the provisioning of nodes from clouds. (pull request 819)
Possible to create a custom AbstractDiskSpaceMonitor.
Executors running the builds can be now a subject of access control. (issue 18285)
Core started relying on Java 1.6 as per the agreement in the dev list. If you have a serious objection against it, please let us know before we really start relying on 1.6 features.
Some actions confirmed by dialog were not working when CSRF crumbs were enabled. (issue 17977) (issue 18032)
CLI list-jobs command should list all nested jobs. (pull request 793)
Provide a mechanism to differentiate between node properties that are applicable to the master node only and node properties that can be applied to all nodes (issue 18381)
Maven module links in the module list page are broken. (issue 17713)
100% CPU pegging in Deflator.deflateBytes (issue 14362)

What's new in 1.519 (2013/06/17)

Log cluttered with irrelevant warnings about build timestamps when running on Windows on Java 6. (issue 15587)
Fingerprint action deserialization problem fixed. (issue 17125)
Updating the master computer's configuration from the agent list UI had no immediate effect. (issue 17276)
Improved the tracking of queued jobs and their eventual builds in the REST API.
Configured log recorders can now pick up messages logged from agents. (issue 18274)
Added a new extension point to contribute custom plexus components into Maven for the maven project type.
Remoting classloader performance improvement upon reconnection to the same agent. (issue 15120)

What's new in 1.518 (2013/06/11)

NPE in DefaultMatrixExecutionStrategyImpl.waitForCompletion. (issue 18024)
Optimizations in fingerprint recording. (issue 16301)
Using JNR-POSIX rather than JNA-POSIX for better platform support. (issue 14351)
Errors searching build records when builds were misordered. (issue 15652)
Finding the last failed build for a job (e.g. from a view column) broke lazy loading. (issue 16023)
Do not fail startup in case ListView.includeRegex was syntactically malformed.
CSS stylesheets misrendered in Chrome due to caching. (issue 17684)
User icon in People broken if Jenkins root URL unconfigured. (issue 18118)
Progress bar sometimes broken in People. (issue 18119)

What's new in 1.517 (2013/06/02)

Enable word breaking in potentially long strings like job names. (issue 17030)
Allow filtering of the Run parameter build list by result. (issue 7280)
Add support for scalatest-maven-plugin. (issue 18086)
When copying a folder, the display names of contained jobs were gratuitously cleared. (issue 18074)
“Recurse in subfolders” option for list views produced exceptions when used with native Maven projects. (issue 18025)
Using proper directory separator character for permalinks on Windows. (issue 17681)
Use markup formatter to display parameter description. (issue 18427)

What's new in 1.516 (2013/05/27)

NPE from Run.getDynamic. (issue 17935)
Should be able to collect all log records at a given level using a blank logger name. (issue 17983)
Reworked Upload Plugin gesture to work more like installation from an update center, and in particular to support dynamic load. (issue 16652)
Errors in init.groovy halted startup; changed to just log a warning. (issue 17933)

What's new in 1.515 (2013/05/18)

Windows services now auto-restart in case of abnormal process termination.
<f:dropdownDescriptorSelector> does not allow defaulting to specific instance (issue 17858)
mark maven settings / global settings as default for new jobs (issue 17723)
Display Name is not shown. (issue 17715)
Symlink handling problem with build permalinks on Windows. (issue 17681)
List views missing a required field were unloadable. (issue 15309)
Maven module artifacts were not being deleted by the log rotator. (issue 17508)
Properly find parent POMs when fingerprinting a Maven project. (issue 17775)
Allow the combination filter to accept parameter values. (issue 7285)
Extension point to transform test names (for use with alternative JVM languages). (issue 17478)

What's new in 1.514 (2013/05/01)

Added a new set-build-parameter command that can update a build variable from within a build.
Can use -Dhudson.udp=-1 to disable UDP broadcast without showing an ugly exception.
Third-party license display for core was broken since 1.506. (issue 17724)
Mitigation of exception from fingerprinting in a Maven project when a parent POM could not be located. (issue 17775)
NPE from MatrixConfiguration.newBuild. (issue 17728)
Identify the short name of an uploaded plugin from the manifest, so it does not matter what the filename was. (issue 4543)
NPE configuring Copy Artifact with Maven jobs. (issue 17402)
/about now links to license information for plugins as well.
Updated bundled plugins.

What's new in 1.513 (2013/04/28)

Agent status monitor page shows when the data is last obtained
Delete button to highlight what it is going to delete.
StringIndexOutOfBoundsException in PackageResult.findCorrespondingResult. (issue 17721)
Breadcrumb is reworked to show descendants to provide additional navigational shortcuts. (discussion)
hpi:run did not work for bundled plugins. (issue 18352)
Fixed CSRF vulnerabilities (SECURITY-63,SECURITY-69, security advisory)
Fixed an XSS vulnerability via stylesheet (SECURITY-67, security advisory)
Fixed an XSS vulnerability to copy arbitrary text into clipboard (SECURITY-71/CVE-2013-1808, security advisory)

What's new in 1.512 (2013/04/21)

Views can now include jobs located within folders. (pull 757)
Added confirmation dialog before reloading configuration from disk. (issue 15340)
Switched confirmation before deleting jobs or wiping out workspace to a dialog.
Different text than “Build Now” for parameterized jobs. (issue 10738)
Check the view name with ajax.
“Build Now” context menu item broken for parameterized jobs. (issue 17110)
Incorrect redirection after delete of job in folder in view. (issue 17575)
”My Views" links leads to 404 Not Found. (issue 17317)
Quoting Issue with JDK Installer with Windows Installer. (issue 5408)
Restored compatibility in ArtifactArchiver signature; broken in 1.509 and could affect plugins. (issue 17637)
Fixed a bug in the logic that hides context menu anchor 'v' (issue 13995)

What's new in 1.511 (2013/04/14)

JUnit result archiver should only fail builds if there are really no results - i.e. also no skipped tests. (issue 7970)
NullPointerException related to lazy loading when loading some builds using fingerprinting. (issue 16845)
Better display of parameters in queue items. (issue 17454)
sort order of plugin list is not working by default. (issue 17039)

What's new in 1.510 (2013/04/06)

UnsatisfiedLinkError on CreateSymbolicLinkw on Windows XP. (issue 17343)
Flyweight tasks should execute on the master if there's no static executors available. (issue 7291)
Download tool installations directly from the agent when possible, since this is much faster than going through the controller. (issue 17330)
Improved UI for implicitly locked builds. (issue 10197)
Incorrect URL computation broke context menu for computers with spaces in their names. (issue 18236)
Promote the use of 'H' in cron. (issue 17311)
Context menu no longer automatically pops up (issue 13995)

What's new in 1.509 (2013/04/02)

Heavy thread congestion saving fingerprints. (issue 13154)
Option to make the build not fail if there is nothing to archive. (issue 10502)
Better report file deletion failures. (issue 17271)
"Local to the workspace" repository locator does not work when building one module in isolation. (issue 17331)
Master node mode not correctly displayed in /computer/(master)/configure. (issue 17263)
Performance improvement in controller/agent communication throughput (issue 7813)
Quoted label expression can result into dead executors (throwing exception) (issue 17128)
ChangeLog should produce some output even if some (plugin) annotator fails (issue 17084)
View name should not allow "..". (issue 16608)

What's new in 1.508 (2013/03/25)

Fixing a regression in 1.507 that causes a failure to load matrix jobs. (issue 17337)

What's new in 1.507 (2013/03/24)

Show the reason for a skipped test if the test result contains one (issue 8713)
an in-progress build was dropped from JSON API when lazy-loading was introduced. (issue 15583)
In-progress builds now survive the "reload from disk" administrator action. (issue 3265)
If artifact archiving failed with an I/O error, the build nonetheless was considered to be a success. (issue 2058)
Fixed a bad interaction between Windows symlinks and build record lazy loading. (issue 15587)
Remember the lastStable/Failed/Successful/etc builds to avoid eager loading builds. (issue 16089)
Wrong build result in post build steps after failed pre build step in maven projects. (issue 17177)

What's new in 1.506 (2013/03/17)

Saving Global Jenkins Global Config wipes out the crumb issuer settings in the Global Security Config. (issue 17087)
Made --httpKeepAliveTimeout option work (that was supposed to have been introduced in 1.503). (issue 16474)
Preview function for textareas using Jenkins markup did not work when CSRF protection was enabled. (issue 17085)
Permalinks created in the wrong place when using external build directories. (issue 17137)
External build directories not updated by job rename/delete. (issue 17138)
JNA-related error from Windows agent monitoring thrown repeatedly. (issue 15796)
New JSON library corrects problems such as form values starting with [. (issue 14827)
Improved the request handling performance (where the file lookup is expensive, such as on NFS). (issue 16606)
Windows symbolic support on Java5/6.
Improved the duration browsers cache static resources.

What's new in 1.505 (2013/03/10)

Exception in flyweight tasks when checking if an executor is interrupted. (issue 17025)
JNA-related linkage errors on Windows not handled gracefully. (issue 15466)
Builds disappear from build history after completion (revisited). (issue 15156)
Added run display name as an environment variable when RunParameter is used (pull 720)
Fixed "Manage" sub-contextmenu for non-standalone deployments (pull 721)
Absolute URLs in console output (issue 16368)
Revert ampersand encoding which can cause backward incompatibility issue (pull 683)
Fix dependency graph computation when upstream build trigger is involved (issue 13502)
Disabled Authenticode verification for Windows services. (issue 15596)

What's new in 1.504 (2013/03/03)

Fixed a regression in the "discard old builds" in 1.503. (issue 16979)
Maven 3.0.5 upgrade. (issue 16965)
Not all log messages were being captured at /log/all. (issue 16952)
Incorrect or missing XML encoding declaration on some REST API pages. (issue 16881)
Fixed: Human readable file size method returns ",00" for files with byte length 0 (issue 16630)
“Build” from job context menu produced a confusing warning page. (issue 16844)
Maven2 builds with non-standard test plugins failed. (issue 16928)
Started bundling XStream 1.4.4 (issue 12542)
Significant improvement in Traditional Chinese localizations. (pull 716)

What's new in 1.503 (2013/02/26)

${ITEM_FULLNAME} variable was not working for Maven projects on Windows, so introduced ${ITEM_FULL_NAME} instead. (issue 12251)
Lock contention issue in build history view. (issue 16831)
Fixed the HTTP request thread saturation problem with Winstone. (issue 16474)
Script evaluation script error on IE. (issue 16561)
surefire-reports not detected for android-maven-plugin (issue 16776)
maven-failsafe-plugin tests not recognized anymore (issue 16696)
UI waiting on a queue lock to display cause of queue blockage. (issue 16833)
UpdateCenter REST API chokes if there was a plugin installation failure. (issue 16836)
Missing build title in /rssAll when build has no test result. (issue 16770)
Changed the way matrix axis values are exposed as env variables (issue 11577)
Maven 3 builds ignored quiet (-q) and debug (-X) options (issue 16843)
JNLP agent installers can now work transparently with secured Jenkins. (SECURITY-54 / despite the ticket marker, this is not a security vulnerability)
"Discard old build records" behavior is now pluggable, allowing plugins to define custom logic.

What's new in 1.502 (2013/02/16)

Miscellaneous security vulnerability fixes. See the advisory for more details. (SECURITY-13,16,46,47,54,55,59,60,61)
Builds disappear from build history after completion. (issue 15156)
Plugin Manager’s Filter field did not work. Regression in 1.500. (issue 16651)
DISCOVER-able jobs break the build queue widget (issue 16682)
Extension point to provide access to workspace even when node is offline (issue 16454)
Extension point to listen BuildStep execution

What's new in 1.501 (2013/02/10)

Reverted change in 1.500 causing serious regression in HTTPS reverse proxy setups. (issue 16368)
Getting test results from custom test mojos failed build. (issue 16573)
Restored Java 5 compatibility. (issue 16554)
Bogus “Build Record Root Directory” inadequately diagnosed. (issue 16457)
Plugin icons in the sidebar were not being properly cached. (issue 16530)
Broadly as well as deeply nested build causes overwhelmed the UI after 1.482. (issue 15747)
API typo DependencyDeclarer corrected.
Avoid eagerly loading builds in Changes in dependency or culprit list. (pull 689)
Run parameters do not support folders. (issue 16462)
Fixed RememberMe cookie signature generation. (issue 16278)
Fixed NullPointerException when copying from existing Maven job (issue 16499)

What's new in 1.500 (2013/01/26)

Since 1.494, when signing up as a new user in the private security realm the email address was left unconfigured and a stack trace printed.
Enable transparent log decompression support. (issue 13655)
Display authorities at /user/* for convenience. (pull 577)
Slow rendering of view pages in large installations due to eager check whether the “People” link would show anything. (issue 16244)
Reduced size of memory leak in render-on-demand functionality used e.g. in configuration pages. (issue 16341)
Improving responsiveness of People page. (issue 16342) (issue 16397)
Exception printed to log while adding Build other projects post-build step. (issue 16444)
BindException when using --daemon with JMX. (issue 14529)
Improved logging and error output from SSHD in Jenkins.
Linking to the /threadDump page from /systemInfo so it is discoverable.
Rekeying operation (from SECURITY-49 fix in 1.498) failed on Windows. (issue 16319)
JNLP agent index page failed to explain how to pass -jnlpCredentials. (issue 16273)
Links should preserve used protocol (issue 16368)
Don't report the same plugin twice in the update center if the filtering is in effect.
Accept any plugin with a 'test' goal as a test plugin in Maven jobs (issue 8334)
Avoid unnecessary downloads if automatically installed tools are up-to-date (issue 16215)

What's new in 1.499 (2013/01/13)

Fixed NoClassDefFoundError: Base64 with the -jnlpCredentials option. (issue 9679)

What's new in 1.498 (2013/01/07)

The master key that was protecting all the sensitive data in $JENKINS_HOME was vulnerable. (SECURITY-49, security advisory)

What's new in 1.497 (2013/01/06)

Delete the oldest build but it still come up on HistoryWidget (issue 16194)

What's new in 1.496 (2012/12/30)

Aborting download of workspace files make Jenkins unstable (issue 7114)
Unstable main build of maven projects leads to post steps being executed even if configured not to (issue 14102)
Channel is already closed exception during threadDump (issue 16193)

What's new in 1.495 (2012/12/24)

Fixed java.lang.NoSuchMethodError: hudson.model.RunMap.put(Lhudson/model/Run;)Lhudson/model/Run; (issue 15487)
Saving the update center list after the metadata has been fetched results in the metadata being persisted twice (issue 15889)
When using container-managed security, display unprotected root actions in the configuration screen for convenience.
Display class loading statistics in /computer/name/systemInfo.
Added list-plugins CLI command.
Added console CLI command that dumps console output from a build.

What's new in 1.494 (2012/12/16)

Using file parameters could cause build records to not load. (issue 13536)
Possible race condition in RemoteClassLoader renders agent unusable. (issue 6604)
If the CLI client is aborted during "build -s", abort the build.
WARNING: Caught exception evaluating: descriptor.getHelpFile(attrs.field). Reason: java.lang.NullPointerException. (issue 15940)
Allows to disable triggering of downstream jobs (for a maven job) (issue 1295)
E-mail delivery feature was split off to a separate plugin for better modularity. (pull 629)
Context menu and tooltip of the queue items were colliding with each other
Fix combobox ui component (issue 16069)
Separated global security configuration into its own view. (pull 628)

What's new in 1.493 (2012/12/09)

Agent's Name should be trimmed of spaces at the beginning and end of the Name on Save. (issue 15836)
Added new switch to ignore post-commit hooks in SCM polling triggers. This requires that the SCM plugin supports this feature, too! (issue 6846)

What's new in 1.492 (2012/11/25)

XStream form of projects excessively strict about null fields. (issue 15817)
Build records were broken if timezone was changed while running. (issue 15816)
Symlink detection refinement on Java 7. (issue 13202)
Displaying massive test suite results could bring down Jenkins. (issue 15818)
Jenkins kicks off the wrong downstream builds for Maven. (issue 15367)
Rotation of agent launch logs is broken for Windows controllers. (issue 15408)
Failure to initialize the SSH daemon shouldn't fail the boot.
Added new GUI-based agent installer for upstart
Duplicated / multiple "Jenkins CLI" entries under "Manage Jenkins". (issue 15732)
Maven2 job fails when using maven-failsafe-plugin (issue 15865)
"Disable Project" button breaks Free style project pages. (issue 15887)

What's new in 1.491 (2012/11/18)

HistoryWidget/entry.jelly throws NullPointerException (issue 15499)
ArrayIndexOutOfBoundsException or StringIndexOutOfBoundsException launching processes such as Mercurial polling. (Regression in 1.489.) (issue 15733)
Fixed an XSS and a few open-redirect problems
Support failsafe the same way as surefire in maven2 jobs
Support settings.xml provider for freestyle maven buildstep too
Invert dependency of maven-plugin and config-file-provider plugin (if config-file-provider is installed, this change requires an update of the config-file-provider to >= 2.3) (issue 14914)

What's new in 1.490 (2012/11/12)

Fixed the redirect handling in IPv6 literal address. (issue 14452)
Update logging levels in LogRotator - hudson.tasks.LogRotator perform (issue 15540)
Jobs in folders not displayed when showing tied jobs for a computer or label. (issue 15666)
When installing plugins with overlapping dependencies, Jenkins downloads the duplicate plugins multiple times. (issue 10569)
Disable Nagle's algorithm for TCP/IP agent connection

What's new in 1.489 (2012/11/04)

JENKINS_HOME can be now on UNC path (like \\server\mount\dir) (issue 9615)
Deleting deeply nested directories could fail on Windows in Java 6. (issue 15418)
Improved the auto-completion of job names to support hierarchy better.

What's new in 1.488 (2012/10/28)

Harmless but noisy exception running builds on some Windows systems in non-English locale. (issue 15316)

What's new in 1.487 (2012/10/23)

JNLP agent on OS X can install itself as a launchd service.
Using the bottom-sticking "OK" button in more places
Agent logs are put into sub-directories to avoid cluttering $JENKINS_HOME
/computer/*/doDelete should try harder to remove even “zombie” Computers. (issue 15369)
NPE from PluginManager. (issue 15511)
Uncaught TypeError: Cannot read property 'firstChild' of null breaks certain forms at least on Chrome. (issue 15494)
Added "manage old data" permanently to the "manage Jenkins" page.
Plugin manager now supports uninstallation. (issue 3070)

What's new in 1.486 (2012/10/14)

NullPointerException in various parts of the core due to RunList returning null. (issue 15465)
Jenkins build records lazy-loading failed to load some of my jobs. (issue 15439)
Build queue displayed as empty even when it is not. (Regression in 1.483.) (issue 15335)
Restoring /people page as a redirect for compatibility, and fixing links to it. (issue 15206 continued)
Memory exhaustion parsing large test stdio from Surefire. (issue 15382)

What's new in 1.485 (2012/10/07)

NPE deleting an agent. (issue 15369)
Deadlock involving views. (issue 15368)
Can't configure Maven Installations on Jenkins ver. 1.483, 1.484 (issue 15293)
Memory footprint improvement, especially under large HTTP request threads. (issue 15493)
Build records are now lazy loaded, resulting in a reduced startup time (issue 8754)

What's new in 1.484 (2012/09/30)

Check view permissions before showing config page (issue 15277)
Displaying /people can consume huge resources. (issue 15206)
Log recorders do not work reliably. (issue 15226)
NPE in MatrixProject.onLoad. (issue 15271)
FilePath.validateAntFileMask too slow for /configure. (issue 7214)
Mac OS X installer now sends log to /var/log/jenkins/jenkins.log (issue 15178)

What's new in 1.483 (2012/09/23)

Invalid warning message when the config-file-provider plugin is not installed (issue 15207)
JDK installation failed on some agents with InvalidClassException: hudson.tools.JDKInstaller$Platform$1; local class incompatible: … (issue 14667)
Provide symlink support on all possible platforms when using Java 7+, including newer versions of Windows. (issue 13202)
NPE at hudson.maven.MavenModuleSet.getMaven (issue 14510)
Invalid JSON gets produced with duplicate keys (seen on change sets) (issue 13336)
Command line options to control the HTTP request handling thread behavior weren't working.
Default max # of concurrent HTTP request handling threads were brought down to a sane number (from 1000(!) to 20)
Display non-default update site URLs in the Advanced tab of Plugin Manager. (Currently not configurable from this UI.)
Fixed the lock contention problem on Queue.getItems() (issue 16468)
Put agent back online automatically, if there's enough disk space again (pull 514)
Track and verify plugins used in configuration XML (issue 15003)

What's new in 1.482 (2012/09/16)

Job created by posting config.xml to /createItem does not set GitHub webhook. (issue 14759)
“Took…on master” shown for a build which ran on an agent which was since deleted. (issue 15042)
Report root causes of UpstreamCause in log and status pages.

What's new in 1.481 (2012/09/09)

Matrix jobs are kept forever even if it's not needed (issue 14991)
'groovysh' command should be able to see all the plugin classes. (issue 14982)
Handle version ranges in automatic maven module dependency wiring. (issue 12735)
Detect bugs relating to short Descriptor names early. (issue 14995 continued)
Allow the user to type in the reason why a node is offline (pull 535)
Parameters defined in matrix projects are now available in configuration builds. (pull 543)

What's new in 1.480 (2012/09/03)

Refactored behavior.js to run more predictably. Plugin JavaScript should use Behaviour.specify in place of Behaviour.register, Behaviour.list, hudsonRules, and jenkinsRules. (issue 14495 cont'd)
Fixed a possible race condition in the remoting layer. (issue 14909)
TarArchiver.visitSymlink can throw undeclared PosixException. (issue 14922)
Parameterized Trigger plugin can break form validation for regular “Build after other projects are built” trigger. (issue 14995)
hpi:run failed due to IllegalAccessErrors. (issue 14983)

What's new in 1.479 (2012/08/29)

"Ping-pong" builds store excessively large CauseAction. (issue 14814)
Avoid a 404 when navigating to upstream builds. (issue 14816)
Avoid a 404 when canceling queue items. (issue 14813)
Added missing parameters as defaults when called from CLI (issue 7162)
NPE from UpdateSite$Plugin.getNeededDependencies. (issue 14769)
Description preview and syntax highlighting broken since 1.477.
Parameter values disappear if user is not logged in (issue 7894)

What's new in 1.478 (2012/08/20)

"Monitor External Job" broken since 1.468. (issue 14107)
Matrix configuration axes are no longer automatically re-ordered to alphanumeric order on reload. (issue 14696)

What's new in 1.477 (2012/08/08)

Annotation processor bugs in Stapler affecting plugin compilation. (issue 11739)
Regressions in add/delete buttons starting in 1.474. (issue 14434 and issue 14495)
Collapse nonempty tool installation sections by default in /configure. (issue 14538)
Custom workspace in matrix projects should be able to use axis as variables.
New SCMCheckoutStrategy extension wasn't working for matrix projects. (pull 519)
Fixed a problem in the concurrent matrix build. (issue 13972)
Single invalid e-mail address shouldn't cause the entire e-mail delivery to fail. (pull 526)
Dynamically recomputing matrix axes wasn't working. (pull 523)
"Text" build parameter should use <textarea> for configuration (issue 13916)
Make the draggable component more obvious by providing a border.
Added REST API for view manipulation
OS X installer now has an Uninstall tool (in /Library/Application Support/Jenkins).
Added "manage Jenkins" as a sub-menu to the Jenkins context menu.
Executor is exposed to the remote API (pull 520)
Changed defaults for the Mac installer to make iOS codesigning easier. (pull 527)
Notify user when search result is truncated and provide link to get more results (issue 10747)
Add a setter for node label string. (issue 14327)
Option to set java executable path for managed windows agents
Added new extension point for transient user actions, and displays user properties if they are also Actions.

What's new in 1.476 (2012/07/31)

NullPointerException from JUnitParser.parse. (issue 14507)

What's new in 1.475 (2012/07/22)

Enable/disable GUI for jobs either did not appear, or threw exceptions, for jobs inside folders (issue 14325)
NullPointerException from UnlabeldLoadStatistics [sic] (issue 14330)
Incorrect display of list items in project changes for SCMs such as Mercurial. (issue 14365)

What's new in 1.474 (2012/07/09)

Fix French translation (issue 13274)
Avoid doing AJAX updates if the page becomes invisible. (pull 506)
Added a new extension point to listen to polling activities. (issue 14178)

What's new in 1.473 (2012/07/01)

Updating job config.xml shouldn't clobber in-progress builds. (issue 12318)
Search index includes all top-level jobs, not just jobs in the current view. (issue 13148)
Updated typo in Serbian translation. (issue 13695)

What's new in 1.472 (2012/06/24)

Fixed a synchronization problem between controller/agent data communication. (issue 11251)
Added a mechanism to filter extension points as they are discovered.
Exposed the master's own node properties to be configured in /computer/(master)/configure (whereas /configure controls global node properties that apply to all nodes.)
Made the list of environment variables in the help page pluggable (pull 434)
Added a new hook to enable matrix project axes to change its values per build. (pull 449)

What's new in 1.471 (2012/06/18)

JSON MIME type should be "application/json" (STAPLER-17) (issue 13541)
Fixed: XML API Logs Too Much Information When Invalid Char is Present (issue 13378)
Improved the way we store hashed passwords. (motivation)
Reduce the total height of items shown in the view configuration page. (pull 488)
The CLI build command now has the -v option that reports the console output of the build in progress.
The CLI build command can now wait until the start of the build.

What's new in 1.470 (2012/06/13)

Problem in syncing mirrors with native packages. Re-releasing the same bits as 1.469 as 1.470.

What's new in 1.469 (2012/06/11)

Fixed a regression in 1.468 that broke LDAP

What's new in 1.468 (2012/06/11)

Added more MIME type mapping for Winstone. (issue 13496)
Winstone wasn't handling downloads bigger than 2GB. (issue 12854)
With 'on-demand' retention strategy, wrong agent can be started for jobs restricted to specific agent. (issue 13735)
Fixed encoding handling in e-mail headers. (pull 486)
Added a new extension point for custom checkout behaviour, especially targeted for matrix projects. (pull 482)
REST API now supports pretty printing of JSON and other formats.
Allow the tree parameter and the xpath parameter to be used together in the REST API.
Improved the background transparency of the animating ball icon

What's new in 1.467 (2012/06/04)

When accessing a page that requires authentication, redirection to start authentication results in a content decoding failure. (issue 13625)
Fixed a bug in the way cloud support handles free-roaming jobs. (discussion)
Fixed a regression in untar operation in exotic platforms (issue 13202)
Fixed a possible race condition
Fixed nested view not showing up with just read perm for View (issue 13429)
Allow file parameters to be viewed as plain text. (issue 13640)
CLI connection to the controller is now encrypted.
Improve the low disk space warning message. (issue 13826)
Matrix custom workspace support is improved to allow configuration builds to share workspace
Added more context menus to hyperlinks in the console output
Exposed plugin manager and update center to the REST API
Added a new extension point for agent protocols.
Enabled concurrent build support for matrix projects (issue 6747)
Maven plugin: expand variables in "Room POM" field (issue 13822)

What's new in 1.466 (2012/05/28)

Exposed plugin manager and update center to the REST API
Enabled concurrent build support for matrix projects

What's new in 1.465 (2012/05/21)

Artifact archiving from an SSH build agent fails if symlinks are present (issue 13202)

What's new in 1.464 (2012/05/14)

Don't try to set cookies on cacheable requests. (issue 12585)
Fixed a regression in 1.462 that introduced Java6 dependency. (issue 13659)
Fixed JDK auto-installer
missing search image on plugin manager.

What's new in 1.463 (2012/05/07)

Fixed a bug in the Content-Range header handling. (issue 13125)
Ant's default exclusion was preventing plugins from archiving some files. (issue 13165)
Fixed NPE in PAM authentication if the user is in a group that doesn't exist anymore.
End up more gracefully if there's some problem when searching for user partipication in the build (issue 13564)
Improved the performance of the fingerprint persistence. (issue 13154)
PAM authentication supports '@group' to force interpretation as a group instead of user. (issue 13526)
Honor the Accept header in the job/name/build URL. (issue 13546)
Added a DISCOVER permission to allow anonymous users to be presented the login screen when accessing job URLs. (issue 8214)
Publishers can be now reordered by the user. (discussion)

What's new in 1.462 (2012/04/30)

API token authentication was broken in 1.461 (issue 13600)
Added the filter textbox to the update center selector. (issue 13476)
Move "View as plain text" link on console output page from top right to the sidepanel. (issue 13389)
Convert "Delete this build" buttons into links in the sidepanel. (issue 13387)
Validate project naming regex immediately. (issue 13524)

What's new in 1.461 (2012/04/23)

Flag -U is not used during the parsing step of a Maven Job (issue 8663)
Custom workspace validation not working. (issue 13404)
allow j/k navigation for search results (issue 13105)

What's new in 1.460 (2012/04/14)

Fixed: tests with the same name are no longer counted correctly. (issue 13214)
Added a tag to copy text into clipboard for plugins
Removed ASM dependency to avoid class incompatibility trobules.
Supported hash token in the crontab syntax to distribute workload and avoid spikes.

What's new in 1.459 (2012/04/09)

CLI - I/O error in channel Chunked connection/Unexpected termination of the channel - still occurring in Jenkins 1.449. (issue 12037)
Quiet period is blocking other jobs in queue. (issue 12994)
Loading All Build History Fails. (issue 13238)
Added the View.READ permission to control visibility of views, and updated the default implementation to hide empty views. (issue 3681)
Added new extension point for transient build actions. (pull 421)

What's new in 1.458 (2012/04/02)

Build Status page continues to show flashing "building" icons after build completion. (issue 13217)
New Breadcrumb bar covers search suggestions (issue 13195)
Fixed a log rotation portability problem on RedHat RPM package. (issue 5784)
Computer.getHostName() returns null when it is not. (issue 13185)
Fixed a socket file descriptor leak.
Run $JENKINS_HOME/init.groovy.d/*.groovy as the init script if present (feature)
Improved the page loading performance, especially on large latency network
Resolve dependency issue between 'maven-plugin' and 'config-file-provider' plugin. If you are using the 'config-file-provider' plugin, you have to upgrade to version 1.9.1!

What's new in 1.457 (2012/03/26)

Fixed a thread leak in the embedded servlet container. (issue 9882)
Fixed a file handle leak in serving static content (issue 13097)
Breadcrumb popup menu gives javascript error on Internet Explorer 8. (issue 13082)
Ajax on Update Center does not work in prototype 1.7
'View as plain text' in Console Output is hidden by the new breadcrums bar
Last modification date of files in a zip are not the original timestamps (issue 13122)
"Reload Configuration from Disk" loses labels for swarm-clients (issue 8043)
Jenkins uses correct port in mDNS advertisement and shows up in Safari Bonjour bookmarks.

What's new in 1.456 (2012/03/19)

After renaming a job, the redirect goes to a wrong view. (pull 401)
BUILD_TAG wasn't unique for hierarchical project. (pull 402)
Workspace archiving wasn't handling symlinks correctly. (issue 9118)
Fixed a bug in the auto-overwrite of bundled plugins on Windows. (issue 12514)
Fixed a temporary memory spike when dealing with rapidly growing large console output and interactive monitoring.
Fixed a file handle leak while serving static files. (issue 12674)
Fixed a bug in executor/queue filtering for matrix projects. (pull 394)
Some of the context menu items have wrong links (issue 12945)
Removed entries that don't make sense from the context menu
Enable automatic hyperlinking on failed test summary. (pull 392)
Performance improvement in JavaScript on modern browsers (pull 276)
Matrix project execution order is made pluggable. (issue 12778)

What's new in 1.455 (2012/03/12)

Fixed a regression in 1.453 with IE9 (pull 397)
Fixed NPE in Groovy script execution via CLI (issue 12302)
Fixed bug where a queued build could start while the previous build was still in its post production state.
Improved the error retry logic of update center retrieval.
Update JavaMail to 1.4.4. (issue 1152, issue 3983)
Integrated prototype.js 1.7 (discussion)
Supported programmatic retrieval/update of agent config.xml
Breadcrumb now supports drop-down menu for faster navigation (discussion)
Configuration pages show a navigation drop-down menu in the breadcrumb bar to jump to sections
Hyperlinks to model objects also supports drop-down menu for faster navigation. (discussion)
New ExtensionPoint to enforce naming conventions for projects/jobs and two implementations: Default (no restriction), Pattern (regex). (issue 12928)
java -jar jenkins.war now uses the HTTP only session cookie that's more robust against XSS vulnerability.

What's new in 1.454 (2012/03/05)

Adjusted the HTML sanitization rules as they were too restrictive.

What's new in 1.453 (2012/03/05)

Fixed a XSS vulnerability. (SECURITY-26, security advisory)
Fixed a directory traversal vulnerability. (SECURITY-23, security advisory)
Fixed a file descriptor leak on Windows (issue 9882)
'Age' column on 'Test Result' tab may show incorrect value when a test suite is divided into multiple junit files. (issue 12457)
System Message - Doesnt appear on any view other than the default view. (issue 7733)
Added UI component to show notification bar at the top of the page
Users can configure search to be case insensitive. (issue 850)
Inline help now reports the plugin that contributes the said feature.
Various configuration pages are getting the "apply" button.
Avoid post-build deploy to Maven repository in release build (issue 12397)
Jenkins no longer fails to start if plugins have cyclic dependencies, but deactivates these plugins.
Adding the video/webm mime type for files with extension .webm.
update to guava 11.0.1

What's new in 1.452 (2012/02/27)

Infinite loop or invalid next execution with crontab DoW=7 (issue 12357)
Broken links to test results with '#' or '?' in the name (issue 10458)
Fix launching browser too early to http://localhost:8080 in OS X installer. (issue 12622)
Bundled slf4j binding to avoid classloader constraint violation in JBoss (issue 12334, issue 12446, issue 12650)
Fixed a UI problem with the "save" button that sticks to the bottom.
Misc performance improvements (pull 342)

What's new in 1.451 (2012/02/13)

The -c option in the build command wasn't working for some SCM.
Fix multi submit with shortcut key in script console. (pull 364)
job rows in view should have id= for easy access (issue 12518)
M2 job: create links to codehaus maven plugins and their goals (issue 12529)
Matrix job now allows delete whole matrix, including sub-jobs.
Fixed a bug in LDAP default root DN inference. (issue 8152)
ComputerListener.onOffline was not called when the client was terminated abruptly. (issue 12680)
CLI now supports also encrypted key file
Recognize test results from eviware:maven-soapui-plugin. (issue 11353)

What's new in 1.450 (2012/01/30)

install-plugin CLI command fails to put a file in the right location when installing from URL.
Fixed a bug where long post-production processing in matrix jobs can cause incorrect abortion.
month should not be 0. (issue 12356)
"Create a new agent" page didn't auto-complete for copying. (issue 12490)
Fixed a bug in the auto-overwrite of bundled plugins.
Upgrade to maven artifacts 3.0.4
Running build via CLI now records actual user who started the build

What's new in 1.449 (2012/01/23)

Build fails on "Deploy artifacts to Maven repository" due to trying to upload parent POM twice for release artifacts. (issue 11248)
Fixed an occasional "URI must start with a slash" error when the anonymous user doesn't have the read access.
OS X installer can optionally create a new user "jenkins" and use it. This user has a writable home directory, making it possible to set up ssh for Jenkins.
No workspace available message includes wiped out workspace as a potential cause. (issue 10432)
Stop users being created in memory if they failed to provide all the required registration information correctly. (issue 7096)
java -jar jenkins.war finally detects invalid command line options and report that as an error.
When run in terminal, warning/error messages are colored.

What's new in 1.448 (2012/01/17)

Location of the temporary file "Maven Global Settings" incompatible with release:prepare (issue 12315)
Failure to check the username/groupname in the matrix security shouldn't hide the user name (issue 9519)
Fixed a hash DoS vulnerability. (SECURITY-22, security advisory)
Fixed "Deploy artifacts to Maven repository" as a promotion action. Requires promoted-builds plugin 2.5+. (issue 11766)
Fixed a bug in the symlink creation code on BSD platforms. issue 12119
Default e-mail suffix should be used to complete the domain name portion of the recipients list. (pull #324)
Closure execution after CLI.upgrade() should carry over the transport credential. issue 10890
Incorrect path delimiter used in ZipArchiver when creating archive on Windows. issue 9942
.jpi is now supported as well as .hpi as a plugin extension. (pull #331)
Windows service agent launcher now supports more generalized user account option. (pull #328)
OSX installer now checks for the existence of JVM and open the browser in the end. (pull #329)
Added the Reploy-To header support. (pull #306)
The location of Maven local repository is now pluggable, and supported per-executor configuration out of the box. (pull #293)
Jobs now support display name separate from its unique name issue 11762

What's new in 1.447 (2012/01/09)

Fixed a hash DoS vulnerability. (SECURITY-22)
NullPointerException in maven-plugin: Maven3Builder / ExecutedMojo (1.445) (issue 12259)
Reduced overhead of maven jobs. (issue 11883)
Link to user profile from console output should go to the user ID, not the user name (issue 12279)
Copy artifacts fails on windows agents due to failing to set a timestamp. (issue 11073)

What's new in 1.446 (2012/01/02)

Jenkins now acts as an SSH daemon (doc)
Added hyperlinks to console output (pull #334)
Add option to disable mailnotifications for each failed maven module. (issue 5695)
Sort workspace file list based on request locale. (issue 12139)

What's new in 1.445 (2011/12/26)

CLI now supports using HTTP proxy for tunneling its TCP/IP connection.
CLI now supports routing TCP/IP requests without going through HTTP reverse proxy.
If reload fails, don't let the partially loaded state running, or risk the user overwriting the configs they have. (issue 11204)
Update center UI improvement. "Install" button is now always visible.
Configuration UI improvement. "Save" button is always visible.
Fixed a bug where a large output from Maven can cause module log output to go out of sync with module build log files.
Confusing error message when the --username option is used on the system with the .ssh directory. (issue 11873)
Fixed prematurely re-drawn matrix test result graph.

What's new in 1.444 (2011/12/19)

Make the matrix configuration table looks like the rest of Jenkins tables. (issue 10251)
Improved Italian translation.
Fixed the incorrect table border cropping (issue 12061)

What's new in 1.443 (2011/12/12)

Wagon 2.0 upgrade broke the Redeploy task for webdav repositories (issue 11318)
Self-restart wasn't working with 32bit x86 Solaris (issue 6629)
Fixed IPv6 handling in Winstone (pull request #2)
OS X installer can fail to set the file permissions correctly. (issue 11714)
Build history time line wasn't working for IE8. (issue 7403)
Build history time line should be resizable (issue 11834)
Fixed a bug in Windows registry enumeration with large data. (issue 11767)
Debian/Ubuntu init script does not wait long enough during stop operation (issue 11744)
Jenkins takes up too much space in /var/run (issue 11366)
Fixed a NoSuchMethodError on JBoss 5.1 EAP (issue 11960)
Use $JENKINS_USER in Debian postinst script. (issue 5771)
Fixed a bug where Jenkins failed to show localized text for Hebrew, Indonesian, and Yedish.
Canonical name of Maven artifacts may end with "-" if classifier is empty. (issue 11819)
Proxy configuration supported "no proxy host" setting to allow some hosts to bypass proxy. (issue 8710)
Added/improved localization to Arabic, Bulgarian, Catalan, Czech, Danish, German, Greek, Esperanto, Spanish, Estonian, Basque, Finnish, French, Hebrew, Hindi, Hungarian, Indonesian, Icelandic, Italian, Kannada, Korean, Lithuanian, Latvian, Marathi, Norwegian, Dutch, Polish, Portugeese, Romanian, Russian, Slovak, Slovenian, Serbian, Swedish, Telgu, Turkish, Ukrainian, and Chinese. Thanks everyone!

What's new in 1.442 (2011/12/05)

Workspaces mixed when launching multiple concurrent builds. (issue 11825)
Fixed ConcurrentModificationException in parallel Maven 3 builds. (issue 11256)
Upgrade aether version to 1.13 and sisu to 2.3.0 .
add new action type to enable plugins to intercept the maven 'goals and options' (pull #316)
Upgrade to Maven Wagon 2.1 which supports preemptive authz for dav deployment.
Plugins can be now installed without taking Jenkins offline.

What's new in 1.441 (2011/11/27)

If running as a daemon, don't daemonize one more time during restart. (issue 11742)
Fixed NPE in Subversion polling of Maven jobs. (issue 11592)
CLI jar now has the version number in the manifest as well as the "-version" option.

What's new in 1.440 (2011/11/17)

Sorting "diff" in test result requires 2 clicks (issue 5460)
java.io.IOException: Unexpected termination of the channel - SEVERE: I/O error in channel Chunked connection when using jenkins-cli.jar (issue 11130)
Debian init script now returns the proper exit code from the 'status' command. (issue 11306)
Fixed a bug in Mac OS X ProcessKiller argument parsing. (issue 9634)
Dependency wasn't recalculated with CLI "update-job" command. (issue 11636)
Sortable table wasn't "stable" when there are same values in different rows (issue 11551)
Managed windows agents can be now run as a specific user account (pull #289)
Description field now has the preview button to test it inline. (pull #243)
Record fingerprints of parent POMs - only working with Maven 2.2 or newer (issue 8383)
Maven mojo records can be now sorted

What's new in 1.439 (2011/11/14)

Fixed random OutOfMemoryError with console annotations (issue 9349)
Fix small UI issue on build queue. (issue 11637)
Textbox for numbers should be type=number (issue 11513)
Added an extension point to sort matrix configuration builds when executing them sequentially (pull #301)

What's new in 1.438 (2011/11/07)

Thanks to Luca De Fulgentis, fixed XSS vulnerability with the built-in servlet container. (SECURITY-17, security advisory)
Repeated ids, expandTextArea() and multiple "Invoke Ant" build steps. (issue 10989)
Improve the resilience to the missing 'nextBuildNumber' file. (issue 11563)
NPE when running Maven 3 jobs with -T. (issue 11458)
Support mailto: links in actions. (issue 7725)
Rewrote the JDK installer to remove problematic HtmlUnit dependencies. (issue 11420)

What's new in 1.437 (2011/10/31)

Added MIME headers with job name and build result to notification emails.
"Changes" in Build Summary broken in IE standard mode since 1.434 (issue 11383)
GET request to configSubmit wipes some configuration (issue 11397, issue 7847)
Jenkins logo headless when server is starting. (issue 11444)
Allow update center CA certificates to be placed in $JENKINS_HOME/update-center-rootCAs

What's new in 1.436 (2011/10/23)

Fixed a plugin boot problem that causes Jenkins to startup gracefully when some optional plugin dependencies aren't met (such as ivy to nant) (issue 11279)
Avoid overwriting the repository definitions. (issue 11229)
"Tailing" the console of an active job broken in 1.434 (issue 11307)
Fingerprint's age should be sorted by its elapsed time (issue 9210)
Improved the classloading performance
Expose original file name as a String parameter on for FileParameters (issue 11326)
Added hyperlinks to build trigger console messages. (pull #291)

What's new in 1.435 (2011/10/17)

Fixed the XML encoding sniffing problem in environments that have old JAXP (issue 4525)
Suggestions for search do not work since 1.433 (issue 11208)
"System Admin E-mail Address" is confusing label for notification mail "from" (issue 11209)

What's new in 1.434 (2011/10/09)

Add support for android-maven-plugin integration test reports and fix an error with 2.x maven-android-plugin (issue 10913)
HTTPS on port 80 makes Jenkins infer his URI incorrectly (issue 11151)
Resizable textarea handle does not work if CodeMirror is enabled (issue 11132)
"Alternate settings file" build parameter is getting cleaned after job execution (issue 10955)
upgrade Apache Maven Wagon to 2.0. (issue 11164)
Made build SCM change set a weak reference to reduce heap usage
Added a way to show avatar images on user pages. (issue 7494)

What's new in 1.433 (2011/10/01)

Port on HTTP Proxy Configure accepts characters except the digits (issue 11068)
Broken link in help text of HTTP Proxy Configuration (issue 11051)
Broken help button for Log Recorders (issue 11052)
Fatal exception apparently within Xalan code on AIX (issue 10851)
NOT_BUILT & other build status are reported inconsistently (issue 11013)
Canceling a parent multi-config build produces non-deserializable build.xml (issue 10903)
Label of the master should be editable if cloud is set up. (issue 11100)
Improved the error diagnosis by ping-driven connection termination. (issue 11097)
YUI updated to 2.9
Concurrent build is no longer beta
Permission check added when viewing configuration of computer set.
Maven project now supports arbitrary build steps (pull #233)
Jenkins internally started using Guice for loading extensions (issue 8751)

What's new in 1.432 (2011/09/25)

JDK auto-installation does not respect proxy settings (issue 10634)
Tools download does not respect proxy settings (issue 5271)
Recover from a corrupted JSON update data file automatically (issue 7034)
Fixed the reported system reboot problem on installing JDK on Windows (issue 7288)
Fixed the OutOfMemoryError in trying to download/install JDK (issue 10689)
Enabled shortcut key on script console
Remember sortable table state into local storage (issue 203)

What's new in 1.431 (2011/09/19)

Jenkins unable to start if the /tmp/jna catalogue exists and is owned by a different user (issue 10774)
Display the file size in the artifact list page (issue 7798)
Fixed a file permission handling in the unzip code. (issue 9577)
Add "un/check all" buttons on matrix-based security. (issue 7565)

What's new in 1.430 (2011/09/11)

Added way to mark all plugins to be updated at once (issue 10443)
Fixed a bug in the UI JavaScript behavior with IE
Matrix project pages don't show latest test results. (issue 10864)
Bundling the translation assistance plugin in the hope of increasing the contribution.
Introduce a fine-grained permission to control who is allowed to run the Groovy Console.
Maven jobs should include fingerprints of their parent POMs (issue 8383)
Add support for maven-android-plugin integration test reports (issue 10913)

What's new in 1.429 (2011/09/06)

maven submodule build fails doing mkdir on master. (issue 10831)
CLI clients should be able to see plugin classes report
Fixed NPE in running assembly:assembly with Maven3 (issue 8837)
Fixed a bug in one of the file copy operations that caused the copy-artifact plugin to fail to preserve the timestamp. (issue 10805)
Jenkins didn't start on IBM JDK. (issue 10810)
Fixed a possible NPE during the boot sequence (issue 10799)
stdin/stdout based remote agents, such as ones launched via SSH or script, now does a better redirect to avoid interference with JVM output to stdout. (issue 8856)
Project names in fingerprint records weren't updated when a project is renamed. (issue 10330)
External job submission now supports <displayName> and <description> elements (pull 215)

What's new in 1.428 (2011/08/29)

CLI jar download was making the browser prefer a wrong file name.
Link "Started by user XXX" broken on build status page if user name modified. (issue 10698)
404 error when clicking "Build History" link on MyView.
Add a DefaultViewsTabBar config.jelly to avoid jelly exception (issue 10640)
go back to view page when job is deleted. (issue 10510)
A Global Environment variable with an empty key would fail maven builds since 1.424. Ignore these variables instead of failing the build. (report)

What's new in 1.427 (2011/08/19)

Builds failing while archiving test result if build is running in different VM (e.g. IBM J9) than Jenkins is (issue 10030)
Maven builds failing with NullPointerException at the end. (issue 10715)
Jenkins self-restart causes process name to change from java to exe (issue 9206)
Fixed a bug where SSH public key authentication for CLI wasn't working for username/password based security realm. (issue 10647)
Failing to install a plugin from CLI should result in non-zero exit code (issue 10057)
Fixed NPE in trying to diagnose undefined job error. (issue 7826)
Disable auto refresh in agent markOffline screen (issue 10608)
Workspace-cleanup thread shouldn't delete custom workspace directories (issue 8880)
Improved the speed of shutdown
RPM package should honor user-modified configuration file better (issue 10037)
OS X package now provides customizable commandline (pull request 195)
Improved the remote API for queue (issue 10414)
Added a dignosis CLI command to report the current granted authorities.
Added a CLI command to set display name of the build (issue 9126)
Added an option in CLI build command to check for SCM changes before carrying out a build (issue 9968)
If CLI fails to connect via a JNLP agent port, fall back to HTTP full-duplex. (issue 10611)
Added two CLI commands to manipulate job by its XML definition. (issue 8797)
Added two CLI commands to shutdown Jenkins (issue 6594)
Fixed unclear text for Tabs with no jobs (issue 9330)

What's new in 1.426 (2011/08/15)

Auto Install JDK asks for Oracle account, but the link goes 404. (issue 10556)
Record and display who aborted builds. (issue 5754)
Added API token support. (issue 9363)
Maven Plugin can use settings and global settings files provided by the config provider plugin
Fixed background of title image (issue 9571)

What's new in 1.425 (2011/08/08)

Make syntax highlighting optional (issue 10509)
isPartial() check for matrix builds now only reference active configurations. (issue 10197)
Maven jobs building plugins were no longer identified as upstream snapshot dependencies. (issue 10530)
MAVEN_OPTS configuration wasn't expanding environment variables.

What's new in 1.424 (2011/08/01)

Java Web Start binaries weren't signed. (report)
Fixed Maven build error if headless option is set and MAVEN_OPTS empty (issue 10375)
Tests not recognized as failed if test initialization failed (issue 6700)
Support for gzipped log in consoleText (issue 10400)
Expand variables in the Maven POM definition in Maven projects. (issue 5885)
Some CLI command are not available. (issue 10418)
Maven jobs deploying or installing artifacts should be used for dependency graph instead of jobs which don't (issue 10366)
Maven jobs which are disabled should be excluded from dependency graph (issue 10367)
Updated JDK installer to reflect changes in Oracle download server (issue 10511)
Fixed memory leak in the controller/agent communication. (issue 10424)
Fixed a problem in the core that prevents CLI users from authenticating with Crowd plugin (and others like it.)

What's new in 1.423 (2011/07/25)

Fixed a boot problem in 1.422.

What's new in 1.422 (2011/07/25)

Fixed a regression in 1.421 that broke CentOS installations. (issue 10354)
When run as "java -jar jenkins.war", failing to listen on HTTP ports should be fatal.
Fixed a race condition in the fingerprint computation (issue 10346)
Fixed an occasional NPE when running Maven jobs (issue 9822)
Added a new hudson.model.Computer.CREATE permission to limit who can create new agents.

What's new in 1.421 (2011/07/17)

NPE when requesting https://server/job/TEST-START/description and the description is empty (issue 10182)
Redeploy artifacts for the whole project wasn't showing up for Maven3 projects.
PAM authentication wasn't working with Ubuntu 11.04 (issue 9486)
ToolCommandInstaller: Fix CR/LF and always make it Unix style. (issue 9963)
Empty emailAddress causes Mailer error. (issue 10300)
Label Alignment does not correctly work for top-level entries that span several lines (issue 10253)
Fixed a bug in Groovy view taglib rendering for "/lib/hudson"
PAM authentication now works with CLI login mechanism. (issue 9681)
Jenkins behaves better in JRebel-enhanced environment during core/plugin development (details)
Generalized the mechanism to control scopes of security permissions
Added an extension point to record arbitrary data to fingerprints.
Build trigger dependency wasn't recalculated when jobs are copied.
Exposed more remote APIs around archived Maven artifacts.
Allow build directories and workspace directories in $JENKINS_HOME to be placed elsewhere. (issue 8446)
Mac installer update: set file permissions to be more in line with Mac conventions. (pull request 188)
Maven build script to produce the binary was significantly modified. (pull request 193)

What's new in 1.420 (2011/07/11)

Fix: jenkins did not record test results generated by the GWT maven plugin (pull request 186)
Fixed a race condition in the remoting that can break the pipe support (issue 8703)
Restart button does not restart jenkins after plugin upload (issue 10044)
Fixed a file handle leak in GET config.xml API call (issue 8042)
Fixed the redundant/incorrect encoding handling in XML configuration files. (issue 4525)
File parameter didn't work correctly with matrix projects (issue 10108)
Fixed the double escaping problem in the update center error message (issue 10081)
Fixed JellyTagException in the manage page after Jenkins upgrade (issue 10066)
Groovy script console is now syntax highlighted.
Improved the form validation to the "restrict where jobs can run" field.
Text area to enter description is now syntax highlighted.
Don't recalculate internal dependency graph if Maven dependencies haven't changed (issue 9301)

What's new in 1.419 (2011/07/05)

"Ant Version" field in "Invoke Ant" Build step missing in 1.416 (issue 10036)
post build deployment task fails with : Unbuffered entity enclosing request can not be repeated. (issue 10076)
After an unsuccessful Maven incremental build, make sure that all modules are deployed on the next successful one. (issue 5121)
Fixed the permission issues on /Applications/Jenkins with OS X installer (issue 9398)
Block up-/downstream Projects of matrix projects (issue 4959)
Just like SSH connector, managed Windows connector now allows the machine name to be specified. (pull request #172)
Debian package no longer distributes /etc/apt/sources.list.d/jenkins.list (pull request #170)
Added SSH public key based CLI authentication (wiki)
Jenkins OS X installer now starts Jenkins upon system boot, not upon user login (issue 9399)
Improve the vertical alignment of form fields and labels (pull request #175)
Improve the column sorting behaviours (pull request #174)
Managed Windows agent launcher now lets you define a host name separately from the agent name. (issue 10099)

What's new in 1.418 (2011/06/27)

Permissions from LDAP groups weren't working properly since 1.416 (issue 10075)
"0 tests started to fail" makes no sense (pull request #165)
Defined a proper way to interrupt the build and mark it as a failure. (issue 9203)
Prevent a occasional JavaScript safety warning message when running in HTTPS
About page should not autorefresh (issue 9967)
Added a new build parameter type that shows a text area (issue 5577)
Making views more reusable outside the root object.
Added a new hudson.footerURL system property to tweak the link displayed at the bottom of the UI
Added a new hudson.security.WipeOutPermission system property to enable a new WipeOut permission controlling the "Wipe Out Workspace" action.

What's new in 1.417 (2011/06/20)

Fixed a regression in 1.416 that broke cloud plugins like libvirt and EC2.

What's new in 1.416 (2011/06/18)

Make captcha support optional; remove LGPL jcaptcha (issue 9915)
Validate new view name relative to current context
Unfilled custom workspace textbox shouldn't be allowed. (issue 9806)
Fixed a race condition between remoting I/O operations. (issue 9189)
Fixed a bug in LDAP group search based on memberUid (pull request #151)
If the user tries to run Jenkins on Java 1.4 and earlier, detect that more gracefully.
Fixed NPE in site generation when building a single Maven module (issue 7577)
Fixed timeline on build trend page. (issue 6439)
Fixed the initialization order of plugins (issue 9960)
Label/node tree is not visible in multi-configuration project config page (issue 9689)
LDAPBindSecurityRealm.groovy can be now overridden in $JENKINS_HOME if it exists.
AJP port is customizable in RPM and openSUSE packages (pull request #149)
"Deploy to Maven repository" post build task should default to unique version, as per Maven3 default. (issue 9807)
Improved the URL hyperlinking behavior in the console output (pull request #119)
Plugins can now override where jobs are executed.
Rotate the agent log files instead of deleting them.
Added a mechanism to control the XML parser behaviour (pull request #67)
Minor UI improvements for Jenkins update center. (issue 9212)
Added a mechanism to write views in Groovy. The interface isn't committed yet. We are looking for feedback.

What's new in 1.415 (2011/06/12)

Output correct version from java -jar jenkins.war --version (broken since 1.410)
Correct usage text from java -jar jenkins.war --help
Incremental maven jobs: if POM parsing failed, do a full build next time. (issue 9848)
Do not expose the proxy password in the HTML for Update Center (issue 4000)
CLI command page now lists all the available commands (issue 9789)
Improve the post deployment job to make a clear error if you disabled artifacts archives (issue 9791)
Post-build deploy task for Maven jobs : Repositories definitions can now be read from the POMs. (issue 9786)
Run maven jobs as headless process. on OSX this avoid jumping Dock icon to take focus. (issue 9785)
Reduce memory consumption of dependency calculation in maven jobs. (issue 9845)
Strongly encrypt the proxy password (issue 4002)
Added an extension point to allow prodding the NodeProvisioner into taking action faster than it might usually.
When there are absolutely no executors for a specific label, there was an unnecessary delay in provisioning the first node for that label.

What's new in 1.414 (2011/06/04)

Fixed the concurrent modification exception in classloading during startup
Show an error message if no name is provided when creating a job (CLI) (issue 6958)
Fix unescaped apostrophe in French translation. (issue 9699)
Allow building multiple downstream dependencies on a single job via DependencyGraph and BuildTrigger. (issue 8985)
Catch FileNotFoundException in Maven builds if Mojos are executed from a classes directory. (issue 5044)
Fix NPE if node of last build isn't available anymore while polling for SCM changes. (issue 9003 )
Set NODE_NAME for master node to "master" (issue 9671)
Jenkins Maven build does not recognize Tycho surfire reports with new groupId org.eclipse.tycho (issue 9326)
Add a default attribute to repeatableProperty and repeatable jelly tags
Log which build steps have changed the build result to build console. (issue 9687)

What's new in 1.413 (2011/05/22)

Fixed extra ' character in french translation. (issue 9197)
"Downgrade Jenkins" incorrectly shows 1.395 (issue 9656)
Fixed NPE in GlobalMatrixAuthorizationStrategy.doCheckName (issue 9412)
Fixed a ClassCastException caused by multiple loading of the same class in different classloaders. (issue 9017)
Support rebuilding a subset of matrix configurations (issue 1613)
Gracefully handle old slave.jar to avoid AbstractMethodError (thread)
Debian packages now do log rotation (issue 8641)
Provide more information to QueueTaskDispatcher (thread)
Replaced all gif images with png images (transparency support). (issue 3969)
Boldify names of executed mojos for Freestyle and Maven2/3 jobs using Maven3 in console output. (issue 9691)

What's new in 1.412 (2011/05/16)

Wait until updates are successfully installed before restarting Jenkins (issue 5047)

What's new in 1.411 (2011/05/09)

Allow blank rootDN in LDAPSecurityRealm. (thread)
Fixed the UI rendering problem when certain controls are nested together.
Auto-refresh is now disabled when triggering a build with parameters (issue 7342)
404 when clicking in the weather report column of a build that hasn't yet been run. (issue 9532)
Manually uploading a bundled plugin should trigger pin-down.
Clicking "History" from the left bar in a test result history page results in 404 (issue 5450)
Add active configurations in remote API for matrix projects. (issue 9248)
Link to the console output from the status icon of an entry in the HistoryWidget.
Exploit commons-codec for Base64 encoding rather than proprietary sun.misc.BASE64Encoder (issue 9521)
Order of extension implementations is made bit more deterministic

What's new in 1.410 (2011/05/01)

Maven3 with multiple threads does not work in Jenkins. Fix support of -Tx maven 3 option. (issue 9183)
Jenkins Maven build does not recognize Tycho surefire reports (issue 9326)
Fixed a persistence problem in View$PropertyList (issue 9367)
Added unique instance identifier to UDP broadcast and DNS multicast information. (issue 9230)
jenkins.xml explains how to use hudson.exe for Windows (issue 9470)
Maven agent needs a fix for the 'hardcoded' socket connection to localhost (issue 6795)
Support custom workspace for maven/ivy projects (issue 8848)
Added a new extension point to execute background tasks more flexibly.
Memory space monitor now works for Mac OS X Snow Leopard (issue 9374)

What's new in 1.409 (2011/04/25)

Some french strings are incorrect after renaming to Jenkins (issue 9334)
Debian init script gives false positives for port already in use (issue 9281)
"include culprits" should treat unstable and failure as the same (issue 4617)
fixed "Copy existing job" autocompletion. (issue 9384)
Zip/tar files created by Jenkins now properly retains Unix file modes. (issue 9397)
Added two new CLI commands "wait-node-online" and "wait-node-offline" to block until an agent becomes online/offline.
Move Jenkins URL setting from E-mail Notification to its own section in the main configuration.
Add LOADING overlay when triggering a build with parameters (issue 9343)
Support self restart on Mac OS X 10.6 and onward (issue 7537)
Added "about Jenkins" screen that shows the 3rd party license acknowledgement.

What's new in 1.408 (2011/04/18)

Fixed a regression that resulted in too much escaping (issue 9426)
Fixed a persistence problem in View$PropertyList (issue 9367)

What's new in 1.407 (2011/04/15)

Implemented comprehensive preventive measure against cross-site scripting. (SECURITY-14)
Javadoc links on maven job page with only one module (issue 9202)
Duplicate test results with Maven2 projects (issue 1557)
Re-fixed JDK1.6 dependency that has crept into the core in 1.400 (issue 8914)
eclipse-plugin packaging doesn't work with maven plugin support. (issue 8438)
Failed to parse POMs for packaging swc. (issue 8448)
Fixed "AdjunctManager is not installed" error when Jenkins failed to startup. (issue 9271)
Jenkins has a new logo, thanks to Charles Lowell at The Frontside

What's new in 1.406 (2011/04/11)

Default viewport of the Timeline widgets were off by one day. (issue 6439)
Label expression logic wasn't supporting a binary operator sequence like "a || b || c" (issue 8537)
In matrix security, newly added rows weren't removable
Improve the stability of the test harness
Fixed a bug in handling ' and " in matrix build label axis (issue 9009)
Fixed NPE in the "deploy to Maven repository" as a post-action. (issue 9084)
Performance: Specify image sizes for faster page loading (issue 9182)
Support nested testsuites in the JUnit test result (issue 6545)
Added an extension point to allow adding transient actions to computers.
Added an extension point to allow associating custom properties with views.
Actions can now override their rendering in the parent model object.
Jenkins is exposed to DNS multi-cast as Jenkins now
Added a mechanism for plugins to write an invisible job property
Added a mechanism for plugins to write an invisible node property

What's new in 1.405 (2011/04/04)

Fixed link to javadoc in maven modules and add link to generated test javadoc
Fixed an AbstractMethodError in ItemGroupMixin.create when using some older plugins.
The "last duration" column was broken since 1.403.
Fixed a bug where XML API can produce malformed XML. (issue 8988)
Archive maven artifacts by their canonical names to avoid possible name conflicts (issue 9122)
Marking modules as 'not build' in maven incremental builds didn't work anymore in maven 3 jobs (issue 9072)
In incremental maven builds, modules could be left unbuilt, although they had SCM changes (issue 5764)
Rebuilding dependency graph was taking much too long for big maven projects (issue 7535)
Maven builds didn't work in JBoss 6.
Ping setup for detecting bad controller/agent communication is done more consistently now (issue 8990)
Expand environment variables in fingerprint targets (issue 9138)
Added an extension point to allow adding transient actions to computers.

What's new in 1.404 (2011/03/27)

Regression in jenkins .401 maven plugin - deploy to repository post-task (issue 9084)
Fixed a bug in persisting user configuration that causes NPE in some plugins (issue 9062)
Replacement of some maven properties is not working (issue 8573)
Fixed JDK1.6 dependency that has crept into the core in 1.400 (issue 8914)
When both "block build when upstream/downstream is building" are checked, the upstream block check wasn't taking effect. (issue 8968)
A project aggregating tests without any tests itself should now link properly to latest aggregated results, rather than broken link to non-existent test results.
Initial position of the "build time" timeline was off by one day (issue 8865)
Build list tables had "Date" as column label, but actual content of the column was "Time Since". (issue 9102)
PAM authentication fails to restore group membership information on "remember me" tokens. (issue 9094)
Upstream culprits did include culprits of an old build. (issue 8567)
Shell Task on Windows Agent Uses Incorrect /bin/sh. issue 8449)
NPE during run - fingerprint cleanup thread. issue 6128)
Failed to instantiate class hudson.slaves.DumbSlave. issue 7174)
"Last Duration" column was showing all N/A. Regression in 1.403 issue 9134)
Added the --mimeTypes command line option to define additional MIME type mappings.
Added a new axis type to the matrix project that lets you use boolean expressions (pull request #66)
Improved the error diagnostics when a remote method call fails to deserialize. (issue 9050)
Added "Manage Jenkins" link to the left side panel. (issue 7743)
LDAP group names are now available as-is for the use in authorization. No upper casing / no 'ROLE_' prefix.
Added a new extension point to contribute build variables.

What's new in 1.403 (2011/03/20)

Fixed a race condition in the remote data transfer that results in silent file copy failures. (issue 7871)
Maven Plugin : Successful build ends with NPE (issue 8436)
Fixed a deadlock when upstream and downstream jobs are blocked on each other (issue 8929)
Email fails when sending to multiple recipients if _any_ of them are in error (issue 9006)
Ant properties with Windows %VAR% type variables did not expand since 1.370. (issue 7442)
Fixed a concurrent data access corruption in crumb generation.
Allow maven builds to (optionally) make use of the token-macro-plugin.
Proactively watch out for incomplete extensions to avoid cryptic NPE. (issue 8866)
Added more event callbacks on ComputerListener (thread)
Improved the auto-completion for creating a job by copying.
Improved the performance of the configuration page rendering by lazy-loading fragments.
Introduced a behind-the-scene mechanism to lazy-load portions of HTML pages.
Introduced a behind-the-scene mechanism to simplify server/client communication through JavaScript proxies.
Added an option to aggregated test results to include failed builds as well as passing and unstable builds.
Added autocompletion to "Build after other projects" textbox, with support for "autoCompleteField" on textboxes without a true field.
Include OS type and version of agent in the system information page. (issue 8996)

What's new in 1.402 (2011/03/20)

Botched release. It doesn't exist.

What's new in 1.401 (2011/03/13)

Fix for JENKINS-8711 breaks deployments with credentials (issue 8939)
Environment variable not available for Maven build/POM parsing. (issue 8865)
Fixed a dead lock in concurrent builds of the same Maven projects. (issue 4220)
Plugin Manager incorrectly displays "Changes will take effect when you restart Jenkins". (issue 8917)
Added Manage Jenkins link in sidepanel of Plugin Manager and Update Center. (issue 8780)
Thread dump now reports all the threads from all the agents, not just the controller.
Made the extension point implementation discovery logic customizable by a plugin (issue 8897)
Defined a mechanism to replace some of the key UI text. (issue 8579)

What's new in 1.400 (2011/03/06)

NPE during in parsing POMs for Multi Module Build (issue 8525)
Post build action deploy to maven repository can fail when using "use private maven repository option" (issue 8711)
Groovy CLI command was failing to resolve plugin classes (issue 8892)
Exposing more key variables to the Groovy CLI command.
Allow classworlds.conf to be externally configured for M3 builds (issue 8905)
Configure the environment for Maven job type builds (issue 8902)

What's new in 1.399 (2011/02/27)

On IBM JDKs, Jenkins incorrectly ended up closing stdout to read from forked processes. (issue 8420)
Fixed a race condition in obtaining the tail of the output from remote process. (issue 7809)
Jenkins was unable to kill/list up native processes on 64bit Mac JVMs.
Many messages about RecordReaper IllegalArgumentException (issue 8647)
Multiple polling events triggering a single build show up as multiple identical BuildActions in the sidebar, since there is only one polling log file, regardless of how many times polling happened. Should only be the latest polling instance now. (issue 7649)
Fix javascript errors on config pages when view name or user name contains an apostrophe. (issue 8789)
Fix expansion of builtin environment variables in Ant properties on Windows. (issue 7442)
Fixed a log rotation configuration problem on openSUSE. (issue 5784)
Fixed a bug in the openSUSE startup script (again) (issue 5020)
Change prefix of BUILD_TAG variable to "jenkins-"
Lock down maven plugin versions to shut up m3 (issue 7275)
BuildWrappers can now act on the build in progress before the checkout occurs.
Improved the process forking abstractions so that plugins can more easily read from child processes. (issue 7809)

What's new in 1.398 (2011/02/20)

MavenBuild does not respect the "alternate settings" value of its parent MavenModuleSetBuild (issue 8670)
Jenkins wasn't telling build wrappers that builds were aborted when they were aborted. (issue 8054)
Maven deployment with uniqueVersion == true creating "new" versions for attached artifacts (issue 8651)
Fixed a bug in the openSUSE startup script (issue 5020)
Fixed a XSS vulnerability in the project relationship page.
"apt-get purge" with Debian should really purge
Added a new extension point to expose unprotected root action.
While editing description, inline help should show the syntax guide based on the current markup formatter.
Started exposing JENKINS_URL, JENKINS_SERVER_COOKIE env vars in addition to legacy HUDSON_* variables

What's new in 1.397 (2011/02/12)

Fixed a controller/agent communication problem since 1.378 that often manifests as "Not in GZIP format" (issue 7745)
When run as "java -jar jenkins.war", "~/.hudson" was still used as default. (issue 8658)
Debian package no longer messes around with the file permissions (issue 4047)
Fixed a JVM dependency in debian package so that it can run with OpenJDK (issue 8159)
Fixed a log rotation configuration problem on Red Hat (issue 5784)
Windows XP agent stopped working in 1.396 (related to name change) (issue 8676)
Unnecessary log messages if a remote pipe is not read until EOF (issue 8592)
Fixed a bug in the calendar computation. (issue 8656 in Hudson)
Fixed an NPE when loading full build history. (issue 8660)
EXECUTOR_NUMBER uniqueness can degrade over time (issue 4756)
jenkins-cli.jar should honor JENKINS_URL.
build RSS feeds now contain description of builds. (issue 3935)
Debian package will force-terminate Jenkins if it fails to shut down in 5 seconds. (issue 5415)

What's new in 1.396 (2011/02/02)

Fixed a bug in crontab "day of week" handling in locales where a week starts from Monday. (issue 8401)
If a controller fails to ping an agent, it should be hard-disconnected.
"java -jar hudson.war --daemon" was forcing umask 027. This includes Debian/redhat packages. (issue 5114)
If the JNLP-connected agent drops out without the controller not noticing, allow the reconnection without rejecting it. (issue 5055)
Fixed a trademark bug that caused a considerable fiasco by renaming to Jenkins

What's new in 1.395 (2011/01/21)

Do not chmod/chown symlink targets in /var/lib/hudson (debian package) (issue 8502)
M2 and M3 builds behave differently when tests fail. (issue 8415)
Hudson was failing to record the connection termination problem in agent logs.
Node names can be edited to include slashes and then cannot be removed. (issue 8437)
Fix temporarily offline agents not showing active jobs (issue 8546)
Startup performance improvement
Reduced the memory footprint used by fingerprints.
Added a new extension point to support external login mechanisms.
Heap dump of running Hudson instance can be obtained by requesting /heapDump from the browser.
MavenReporter#postExecute parameter Throwable error is always empty in case of mojo failure (issue 8493)
Improved the error diagnosis if a build fails because of the agent connectivity problem. (issue 5073)

What's new in 1.394 (2011/01/15)

Parsing poms fails if a module is a path to a pom (and not to a directory) (issue 8445)
M3 builds doesn't have a colorized console (issue 8411)
Bad path for submodules (issue 8452)
Add more options to configure maven project building (issue 8406)
Violations plugin tries to access nonexistent directory. (issue 8418)
maven2 build fails due to 'RELEASE' plugin version. (issue 8462)
Block build when downstream projects are building. (issue 7046)
nonRecursive option is not honored anymore when parsing pom (issue 8484)
Maven 3 support : display same logging output as a maven build with the cli (issue 8490)

What's new in 1.393 (2011/01/09)

Added CharacterEncodingFilter to prevent Non-ASCII characters from getting garbled.
Maven mirrors not used when project uses Maven 2.2 (issue 8387)
NPE while parsing POMs (issue 8391)
M2 POMs aren't parsed if there is a M3 control error like an invalid scope in a plugin dep. (issue 8395)
POMs parsing fails in m2 projects which has a wrong inheritance (m3 constraint). (issue 8390)

What's new in 1.392 (2010/12/31)

Maven 3 support in maven-plugin. (issue 4988)
Turn Off "Show Friendly HTTP Error Messages" Feature on the Server Side. (issue 8352)
Hudson installed as Windows service wasn't restarting properly (issue 5090)
Escape quotes. (issue 8270)

What's new in 1.391 (2010/12/26)

failed to build with "Trigger builds remotely" enabled. (issue 8319)
added a new extension point to use markup for job/user description

What's new in 1.390 (2010/12/18)

" (from WhateverTest)" gratuitously appended to test result detail pages. (issue 5655)
Fixed a pipe leak to child processes. (issue 8244)
Fixed an NPE in ComputerRetentionWork (issue 3696)
Fixed an issue preventing to copy data on AIX, HP-UX or Linux for S/390. (issue 8155)
Debian package init script now honors ~/.profile.
Build names (e.g., "#123") can be now modified by users/plugins to arbitrary text. (issue 53, issue 4884)
Allow the administrator to yank out dead executors.

What's new in 1.389 (2010/12/11)

Hide executors for offline nodes to conserve space in Build Executors Status list. (issue 8252)
throw AccessDeniedException if "Authentication Token" is invalid. (hudson-ja)

What's new in 1.388 (2010/12/04)

Failure to UDP broadcast shouldn't kill the Hudson bootup process.
Fixed an AbstractMethodError in listing up executors. (issue 8106)
Agents launched by JNLP fail to report their version numbers. (issue 8060)
Restarting Hudson via debian init script didn't wait for the process to really terminate. (issue 7937)
Test history with long build records had a scalability problem. (issue 4621)
Added the build number to the test result graph tooltip.
Added a new extension point to contribute transient View actions.
Added "disable project" button.
Added "set-build-description" CLI command.

What's new in 1.387 (2010/11/27)

Avoid AbstractMethodError in the executors rendering.
Don't litter HUDSON_HOME with atomic*.xml files.
Hudson is made more robust in the face of malformed console annotations.
Add parameter definition type and job name to job API (issue 8133)
"Install as a service" now supports Vista and Windows 7.
"Restart Hudson" button should appear when a plugin is manually installed.
In this release only the background is changed until Dec 5th to i387 chip, to celebrate our 1.387 release (the feature is time bombed and will revert to the butler after that date.)

What's new in 1.386 (2010/11/19)

Support CSRF protection when submitting results of an external job. (issue 7961)
Allow build to start when polling interval is shorter than quiet period and we need a workspace for polling. (issue 8007)
Fix escaping of some special characters when passing properties to Ant on Windows. (issue 7657)
Check poll_scm_threads.
"Retain long standard output/error" option could not be checked when configuring a job. (issue 7562)
Build number in Build History status was off-by-one. (issue 7973)
Check whether the name of ToolInstlation is not null. (issue 8088)
Prevent AbstractMethodError because of new method in Queue.Executor interface. (issue 8033)
View "Delete" permission was not checked properly for showing link. (issue 7605)
Fix javascript error in IE for some UI elements, such as one used by copyartifact plugin. (issue 6756)
Fix serialization of array containing null elements. (issue 8006)
Update bundled Subversion plugin to version 1.20 and SSH Build Agents to version 0.14.

What's new in 1.385 (2010/11/15)

Oops, same as 1.384

What's new in 1.384 (2010/11/05)

JDK download for auto installation was not honoring the proxy setting. (issue 7327)
Fixed the "Not in GZIP format" error when archiving site / copying files / etc. (issue 7745)
Fixed garbled node description. (Hudson-ja)
Fixed 404 Not Found error when downgrade buttons are clicked. (issue 7988)
Label expression textbox for "Restrict where this project can be run" now provides autocompletion suggestions.

What's new in 1.383 (2010/10/29)

Fix security issue where a user with job configure permission could obtain admin permission for their session. (issue 7256)
Build wrappers can now decorate the launcher or logger for matrix builds. (issue 7868)
Fixed a bug where non-existent optional dependencies can result in a cascading load failure.
Added extension point to allow plugins to add global filters to console log streams.
Calculate "Estimated remaining time" for incremental Maven builds based on the modules which are actually being build. (issue 6544)

What's new in 1.382 (2010/10/24)

Recognize initialization tasks from plugins. (issue 5427)
Hudson was failing to report error messages in several situations during a build.
UI for tying jobs to labels wasn't shown in some situations.

What's new in 1.381 (2010/10/16)

Fixed a race condition.
Fixed issue with LabelAxis longer than 30 characters causing failures when saving matrix job configuration. (issue 7500)
Improved packet fragmentation in Winstone when writing out HTTP responses.
Extension Point to provide alternate UI for Project Views implemented (issue 1467)

What's new in 1.380 (2010/10/09)

Safe restart was not working since 1.376
Don't let help icons get keyboard focus. This improves the keyboard navigability of the configuration page.
Debug message crept into the production code in 1.379. (issue 7662)
Fixed an AbstractMethodError in the UI with plugins (such as batch task.) (issue 7546)
Add "proxy compatible" option to default crumb issuing algorithm (issue 7518)

What's new in 1.379 (2010/10/02)

Fixed a pipe clogging problem that can result in a hanging build. (issue 5977, issue 7572)
Fixed a possible NPE in computing dependency changes.
Fixed the malformed HTTP request error recovery behavior in Winstone. (issue 7201)
When checking module descendant relationships, SCM changelog paths were using system file separators while module paths were always using /s. (issue 7611)
Hudson was creating multiple instances of PageDecorators, resulting in data consistency problem. (report)
Fixed a possible AbstractMethodError (issue 7546)
Supported failsafe reports for the Maven2 job type. (issue 4229)

What's new in 1.378 (2010/09/25)

Improving the controller/agent communication to avoid pipe clogging problem. (issue 5977)
Rolling back to Ant 1.8.0 due to bug in Ant 1.8.1 file copy with large files. (issue 7013)
Multiple fingerprints and "redeploy artifacts" links are added to M2 builds when multiple forked lifecycles are involved.
Computation of the module build time in the m2 job was incorrect when multiple forked lifecycles are involved.
Standardized logic for determining alternate settings file location in Maven projects for POM parsing and actual Maven execution. (issue 4963)
Side effect from earlier fix of issue 7300 - some help files were linking to a now-moved file in SVN directly. Those are all changed to relative paths now.
BuildWrapper teardowns could not get result of build for Maven2 projects. (issue 6033)
Properly handle incremental builds of Maven projects using relative paths to modules. (issue 5357)
Setting of MAXOPENFILES was not reflected in the debian init script. (issue 5721)
Do not expose static resources under WEB-INF to clients (issue 7457)
Console annotations are added to highlight warnings/errors in Maven
If a polling initiated a build, capture its log to the build.
Added a new extension point to prolong the quiet down period programmatically.
Added a new extension point to make the ping behaviour customizable. (issue 5249)
Added a new classloader ("a la" child first for plugin) (issue 5360)

What's new in 1.377 (2010/09/19)

Moved nulling out of buildEnvironments to cleanUp, so that node variables are available in Publishers. (issue 5925)
Fixed a persistence problem in the label properties. (issue 7378)
Fixed a problem in saving configuration for matrix projects with multiple label axes. (issue 7281)
Fixed French localization problem. (issue 6003, issue 7404)
Matrix project now supports custom workspace. (issue 5077)
Queue/execution model is extended to allow jobs that consume multiple executors on different nodes.

What's new in 1.376 (2010/09/11)

Error in some remote API requests since 1.373. (issue 7299)
Fixed RSS of each user's "last builds only" are not found. (issue 7384)
Handle initialization problem more gracefully (issue 7380)
A matrix build configuration page with multiple nodes/labels was broken since 1.373. (issue 7281)
Added downgrade support for the core and plugins.

What's new in 1.375 (2010/09/07)

CLI login did not work for about half of the CLI commands (those defined via @CLIMethod annotation). (issue 6628)
Add escaping for comma character for Ant properties on Windows. (issue 2149)
Small update to empty Ant properties on Windows fix from 1.374, now also working for two consecutive empty properties. (issue 7204)
Fixed a possible race condition during Hudson start up.
Improved the memory consumption when used with LDAP.
Improved console annotations for Ant.
(Internal) ConsoleNotes can now inject its associated CSS.

What's new in 1.374 (2010/08/27)

Unable to add empty Ant properties on Windows since 1.370. (issue 7204)
Maven2 projects now pick up Flexmojo test results automatically. (issue 6893)
Auto-completion can be now easily added to text boxes by plugins.
Non build modules in incremental Maven builds are now set to NOT_BUILD at the beginning of the build, already.
Plugins can now transform the console output. (issue 7112)
Administrator can unpin plugins that are pinned.
Memory footprint reduction with fingerprints.
Added "This build is disabled" on Matrix project when it disabled. (issue 7266)

What's new in 1.373 (2010/08/23)

Fixed a config page regression in the matrix project. (issue 7213)
Ant target annotation should allow colon in the target name. (issue 7026)
Fixed a 1.372 regression in handling whitespace and other characters in label names. (issue 7216)
Allow use of username/password parameters for CLI when using LDAP authentication. (issue 6628)
Axes in multi-configuration projects are now extensible.
Multi-configuration projects now allow multiple label/node axes.
Improved the layout algorithm of the matrix project visualization. (patch)
JUnit report archiving now captures stdout of tests run in Surefire. (issue 4158)
Updated bundled SSH Build Agents plugin to version 0.13.

What's new in 1.372 (2010/08/13)

Persist matrix-based security settings in a consistent order (issue 7138)
Jobs can now use boolean expression over labels to control where they run.

What's new in 1.371 (2010/08/09)

A security hole in CLI command implementations enable unauthorized users from executing commands. (SECURITY-5)

What's new in 1.370 (2010/08/07)

Added escaping of special characters when passing properties to Ant on Windows. (issue 7108)
Workaround issue in IBM JVM causing intermittent ClassNotFoundExceptions. (issue 5141)
Fixed a memory leak in Winstone (issue 5119)
Updated bundled cvs plugin to version 1.2.
Incorporated community contributed translations in Korean and Dutch.

What's new in 1.369 (2010/07/30)

X-Hudson header not being sent in 1.368. (issue 7100)
NPE on build after incremental Maven builds are aborted. (issue 6429)
On-demand agents would launch even when "only for tied jobs" is set. (issue 7054)
Fix links to ant targets in console output view that were added in 1.367. (issue 7041)
Avoid error with invalid or null primary view, such as in upgrade from older Hudson. (issue 6938)
Support LogRotator deletion of old artifacts in multiconfiguration projects. (issue 6925)
Build queue was not saved in safeRestart or safeExit. (issue 6804)
CLI can now work with a reverse proxy that requires BASIC auth. (issue 3796)

What's new in 1.368 (2010/07/26)

Make /buildWithParameters support remote cause and user supplied cause text for build via authentication token, just as /build does. (issue 7004)
Auto install of JDK when controller/agent are different platforms would fail. (issue 6880)
Modified to work with Tomcat 7. (issue 6738)

What's new in 1.367 (2010/07/16)

Safe restart made Hudson unresponsive until all running jobs complete, since 1.361. (issue 6649)
Plugins with dependencies show wrong description on installed plugins page. (issue 6966)
Fix redirect after login when return URL has characters that need encoding. (issue 6960)
<input type='hidden'> field shouldn't be getting the plain text password value.
Added a mechanism to register CLI option handler as an extension point.
Added a CLI command 'set-build-result' that can be used from inside a build to set the build status.
Show outline structure for Ant execution in the console output view.
Remote API now supports the 'tree' filter query parameter which is more efficient and easier to use. (issue 5940)

What's new in 1.366 (2010/07/09)

Fixed a possible security issue where a malicious user with the project configuration access can trick Hudson into leaking the proxy password, if Hudson is configured with a proxy with username/password. (SECURITY-3)
Delete contained module builds when a maven project build is deleted, to avoid orphaned builds which can then affect the displayed result of a prior build. (issue 6779)
Hide some sidepanel links that should not be shown in user-private views. (issue 6832)
Fix for file parameters that are copied to a subdirectory of the workspace. (issue 6889)
File parameters uploaded via the CLI are now displayed correctly on the build Parameters page. (issue 6896)
Allowed file parameters to be downloaded even when the name contains URL-unfriendly characters. (issue 6897)
Fixed a garbage in the raw console plain text output. (issue 6034)
"Hudson is loading" page didn't take the user back to the same page.
Hudson can now remotely install JDK on Windows agents when connecting via the "Let Hudson control this Windows agent as a Windows service" mode.
The "Let Hudson control this Windows agent as a Windows service" mode now allows the same Windows agent to be used by multiple Hudson controllers.

What's new in 1.365 (2010/07/05)

Fixed a critical security problem. See the advisory for more details.

What's new in 1.364 (2010/06/25)

Fixed a race condition where a queued build may get executed multiple times. (issue 6819)
Some UI labels related to JUnit results were shown in the wrong locale. (issue 6824)
BuildWrappers can now contribute build variables. (issue 6497)

What's new in 1.363 (2010/06/18)

Fix queue handling to close locking gap between removing job from queue and starting build, to prevent unintended concurrent builds (refactor of change first made in 1.360). (report)
Allow multiple dependencies between same two projects, as they may trigger under different conditions and with different parameters. (issue 5708)
Timeline on build trend page should use server timezone instead of always GMT. (issue 6692)
Don't mask the cause of the checkout related exception.
"who am I?" page should be visible to everyone.
Avoid pointless and harmful redirection when downloading slave.jar. (issue 5752)
Cache downloaded JDKs.
Reinstall a JDK when a different version is selected. (issue 5551)
Integrated community-contributed translations (Germany, Greek, Spanish, Finnish, Hungarian, Italian, Japanese, French, Russian, Slovenian, Dutch, Traditional Chinese, Swedish, Ukrainian, and Portuguese.)
Upgraded bundled Ant to version 1.8.1. (issue 6562)

What's new in 1.362 (2010/06/11)

Restored optional container-based authentication for CLI. (issue 6587)
Fix javascript error when a plugin uses an empty dropdownList, resulting in LOADING overlay being left up. (issue 6542)
Add setting so job views may show only enabled or disabled jobs. (issue 6673)
File parameters can now be downloaded from the build Parameters page. (issue 6719)
Added an ability to point to different update sites.
Added a new extension point to plug in custom utility to kill processes.
Added a proactive error diagnostics to look for a broken reverse proxy setup. (report)

What's new in 1.361 (2010/06/04)

Fixed a bug where IE shows empty client cert dialog when connecting to HTTPS site run by Winstone. (report)
"java -jar hudson.war" with AJP was broken. (issue 5753)
Safe restart stopped working on protected Hudson since 1.359. (issue 6667)
Parameterized jobs did not use configured quiet period. (issue 6660)
Fix form data conflict when fingerprinting is used with Promoted Builds plugin. (issue 6642)
Avoid possible exception at startup when some plugins have optional dependencies. (issue 6435)
Add autocomplete="off" for LDAP managerDN and managerPassword fields. (issue 3586)
Set a TCP timeout when agents connect to the controller. (issue 6262)
File parameter builds started with the CLI command no longer throw an NPE. (issue 4296)
Workaround for bug in Glassfish Enterprise. (issue 6459)
Ensure nested f:repeatable content does not inherit outer list when inner list is null. (issue 6679)
Add two new permalinks to job pages: "Last unstable build" and "Last unsuccessful build".
Allow the build number to be set so long as it's still bigger than the last build. (issue 4930)
Copied jobs are now disabled until configuration is saved, so they don't start building before ready. (issue 2494)
Reduced logging from jmDNS.

What's new in 1.360 (2010/05/28)

A Java6 dependency had crept in in 1.359. (issue 6653)
Workaround for bug in Glassfish Enterprise. (issue 6459)
Added an extension point to control the assignment of tasks to nodes. (issue 6598)

What's new in 1.359 (2010/05/21)

Accept latest JRockit JVM release as a compatible JVM. (issue 6556)
Hudson now broadcasts itself in DNS multicast at "_hudson._tcp.local" to facilitate auto-discovery from other tools
Added the "-block" option to the "quiet-down" CLI command so that the command will block until the system really quiets down.

What's new in 1.358 (2010/05/14)

Too much memory used by stdout/stderr from test results. (issue 6516)
Fixed a memory leak in Winstone sessions. (issue 5119)
Fix to handle usernames with colon character on Windows. (issue 6476)
Fixed the port number handling problem in debian init script. (issue 6474)
Fix FilePath.getParent() handling of edge cases. (issue 6494)
Fix css conflict introduced in 1.357 that caused missing data display in analysis plugins. (issue 6496)
Support "optional=true" parameter for @Extension.
Supported OpenSSL-style certificate/key file format with "java -jar hudson.war"
If --httpsPort option is given without the certificate, run with a one-time self-signed certificate.
Hudson shouldn't show a login error page unless the user really failed to login (think about when the user presses a back button.)

What's new in 1.357 (2010/05/07)

Maven builds abort unexpectedly due to a SocketTimeoutException on machine with poor resources. (issue 3273)
Fix incorrect handling of ".." in paths with mix of / and \ separators since 1.349. (issue 5951)
Javadoc publishing should not fail build if javadoc is already current. (issue 6332)
Fix download of files/artifacts larger than 2GB. (issue 6351)
Build page may not list all of the artifacts since 1.348. (issue 6371)
Add workaround for Opera 10.52/53 bug causing error in saving job configuration. (issue 6424)
Fix createSymlink problem on *nix systems that do not use GNUCLibrary since 1.356. (issue 6437)
Hide add/edit description link on test result pages when user does not have permission to submit a description.
Changed permission required to set description on test result pages from Build Job to Update Run.
Add "LOADING" overlay on global and job config pages until form is ready for use.
Email recipient lists now support build parameters. (issue 6394)
Make it easier to see the latest update jobs on the Update Center page. (issue 4255)
Allow plugins to use forms with an onsubmit handler, and fix "no-json" handling. (issue 5927)
Updated bundled subversion plugin to version 1.17.

What's new in 1.356 (2010/05/03)

Fix StringIndexOutOfBoundsException in console log from UrlAnnotator. (issue 6252)
Fixed potential deadlock between saving project config and getting project page. (issue 6269)
Fixed timeline display on build time trend page. (issue 6439)
Fixed garbled response of XML API if xpath is specified. (ja@hudson.dev.javanet)
Fix broken links for stopping jobs in executor list on pages for agents or filtered views.
Fixed NoSuchMethodError with Maven and Ivy plugins. (issue 6311)
Extension points can be now sorted.

What's new in 1.355 (2010/04/16)

Colored ball image at top of build pages was broken for Hudson in some web containers (fixed by removing workaround for a Firefox bug fixed since 3.0.5/Dec2008). (issue 2341)
Console page while build is running did not wrap lines when viewed in IE. (issue 5869)
Fixed build history to indicate test failure for MavenBuild and MavenModuleSetBuild.
Make dropdownList work in repeatable content, such as a build step.
Fixed a bug where a job created via XML didn't properly receive upstream/downstream computation. (report)
Argument masking wasn't working correctly for commands run on agents (report)
Added the agent retention strategy based on a schedule.
Added to configure charset option of Mailer.

What's new in 1.354 (2010/04/12)

POM parsing was still using the module root as the base for relative paths for alternate settings files. (issue 6080)
Fix dynamic updates of build history table when CSRF protection is turned on. (issue 6072)
Improved the error reporting mechanism in LDAP setting.
Raw console output contains garbage. (issue 6034)
Fixed a file handle leak in the agent connection. (issue 6137)
Quiet period wasn't taking effect properly when doing parameterized builds.

What's new in 1.353 (2010/03/29)

Tagging a repository can result in NPE.
Fix possible form submission error when using multiple combobox elements. (issue 6025)
Better escaping of test case names in test results pages. (issue 5982)
Make radio buttons work in repeatable content, such as a build step. (issue 5028)
Fixed the handling of verifying that the POM path entered for Maven projects exists. (issue 4693)
Added link to builds in buildTimeTrend (issue 3993)

What's new in 1.352 (2010/03/19)

Fixed a file handle leak when a copy fails. (issue 5899)
Replace '>' with '_' in username, as already done for '<'. (issue 5833)
Fix editableComboBox to select item when mouse click takes more than 100ms. (issue 2722)
Fixed NPE when configuring a view without "Regular expression".
Page shouldn't scroll up when the user opens/closes a stack trace in the test failure report.
Fixed a bug where Hudson can put a wrong help file link. (report)
Fixed Maven site goal archiving from agents. (issue 5943)
Fixed a regression with NetBeans Hudson plugin progressive console output. (issue 5941)
Fixed a situation where a failure in plugin start up can prevent massive number of job loss.
Supported JBoss EAP 5.0.0 GA. (issue 5922)
CLI commands on protected Hudson now asks a password interactively, if run on Java6.
Added CLI 'login' and 'logout' commands so that you don't have to specify a credential for individual CLI invocation.
URLs in the console output are now hyperlinks.
Improved the URL annotation logic.
Add drag&drop support for f:repeatable lists and use this for the JDK/Ant/Maven installations in global config so these can be reordered.
Integrated a new round of community-contributed localizations (ca, es, fi, fr, hi_IN, it, nl, ru, and sv_SE locales.)

What's new in 1.351 (2010/03/15)

Regression in 1.350 that can delete old build artifacts. (report)

What's new in 1.350 (2010/03/12)

Fix handling of relative paths in alternate settings.xml path for Maven projects. (issue 4693)
Alternate settings, private repository, profiles, etc were not used in embedded Maven for deploy publisher. (issue 4939)
Make editableComboBox work in repeatable content, such as a build step.
If content is captured using <j:set var="..">..content..</j:set>, fixed this to use proper HTML rendering when appropriate.
'<' and '&' in the console output was not escaped since 1.349 (issue 5852)
Fixed an AbstractMethodError in SCM polling under some circumstances. (issue 5756)
Fixed a ClassCastException in the Subversion plugin - now using Subversion plugin 1.13. (issue 5827)
The Maven Integration plugin link in the Update Center was going to a dead location. (issue 4811)
On RPM/DEB/etc installation, don't offer the self upgrade. It should be done by the native package manager. (report)
Fixed a possible lock up of agents.
Added advanced option to LogRotator to allow for removing artifacts from old builds without removing the logs, history, etc. (issue 834)
Authentication support in Hudson CLI. (issue 3796)
Added console annotation support to SCM polling logs.

What's new in 1.349 (2010/03/05)

Fix deserialization problem with fields containing double underscore. (issue 5768)
Fix deserialization problem for Exception objects where the XML has bad/old data. (issue 5769)
Fix serialization problem with empty CopyOnWriteMap.Tree. (issue 5776)
Fixed a bug that can cause 404 in the form validation check.
Remote build result submission shouldn't hang forever even if Hudson goes down.
Added a monitor for old or unreadable data in XML files and a manage screen to assist in updating files to the current data format and/or removing unreadable data from plugins that are no longer active. "Manage Hudson" page will show a link if any old/unreadable data was detected.
Added a mechanism to bundle init.groovy inside the war for OEM. (report)
Added an extension point to annotate console output. (issue 2137)

What's new in 1.348 (2010/02/26)

Fixed a performance problem of the job/build top page when there are too many artifacts.
Improved /etc/shadow permission checks.

What's new in 1.347 (2010/02/19)

Fix javascript problem showing test failure detail for test name with a quote character. (issue 1544)
Hudson can incorrectly configure labels for the master when bleeding edge EC2 plugin is used.
Fixed the regression wrt the whitespace trimming caused by 1.346. (issue 5633)
Under some circumstances, Hudson can incorrectly delete the temporary directory itself. (issue 5642)
Newlines in MAVEN_OPTS environment variable can cause problems in other contexts. (issue 5651)
Improved the form validation mechanism to support multiple controls. (issue 5610)
Added message to agent log when it has successfully come online. (issue 5630)

What's new in 1.346 (2010/02/12)

Maven modules should not be buildable when the parent project is disabled. (issue 1375)
Fixed the broken quiet period implementation when polling interval is shorter than the quiet period. (Changes in SCM impls are needed for this to take effect.) (issue 2180)
Escape username in URLs in case it contains special characters such as "#". (issue 2610)
Fix sidepanel link for People to be visible and show view-specific info when appropriate. (issue 5443)
Improved HTML rendering, not using closing tags that do not exist in HTML. (issue 5458)
Show better error message for missing view type selection when creating a view. (issue 5469)
Hudson wasn't properly streaming a large external build submission, which can result in OOME and unresponsiveness.
Use fixed-width font in text area for shell/batch build steps. (issue 5471)
Use user selected icon size on People page. (issue 5447)
Speed/footprint improvement in the HTML rendering.

What's new in 1.345 (2010/02/08)

Update center retrieval, "build now" link, and real-time console update was broken in 1.344. (issue 5536)
Fixed the backward incompatibility introduced in JENKINS-5391 fix in 1.344. (issue 5391)

What's new in 1.344 (2010/02/05)

Removed the forced upper casing in parameterized builds. (issue 5391)
Password parameter on the disk should be encrypted. (issue 5420)
Duplicate entries on Upstream/Downstream project with "Build modules in parallel". (issue 5293)
"Projects tied on" should be "Projects tied to". (issue 5451)
Fixed the bug that prevents update center metadata retrieval in Jetty. (issue 5210)
Show which plugins have already been upgraded in Plugin Manager. (issue 2313)
Show Hudson upgrade status on manage page instead of offering same upgrade again. (issue 3055)
Make badges in build history line up. (report)

What's new in 1.343 (2010/01/29)

Don't report a computer as idle if it running the parent job for a matrix project. (issue 5049)
Improve error message for a name conflict when renaming a job. (issue 1916)
Job description set via the remote API was not saved. (issue 5351)
Work around a JVM bug on Windows that causes the "Access denied" error while creating a temp file. (issue 5313)
Fixed a NPE in the update center with the container authentication mode. (issue 5382)
Global MAVEN_OPTS for Maven projects wasn't getting loaded properly for configuration. (issue 5405)
Fix for parameterized project with choice parameter value that has < or > character. (report)
Build queue was showing some of the items in the wrong order — it should show new ones first and old ones later.
Move form to adjust logging levels to its own page and include table of configured levels. (issue 2210)
Allow the administrator to control the host names via a system property "host.name" per agent, in case auto-detection fails. (issue 5373)
Introduced a new extension point for test result parsers. (discussion)
Data loading is made more robust in the face of linkage failures. (issue 5383)
Auto-detect if Hudson is run in Solaris SMF and provide restart capability. (report)
Formalized an extension point to control priority among builds in the queue. (issue 833)

What's new in 1.342 (2010/01/22)

Commands run on agents (such as SCM operations) were not printed to the log the way they would be when run on master. (issue 5296)
Downstream jobs could fail to trigger when using per-project read permissions. (issue 5265)
Update lastStable/lastSuccessful symlinks on filesystem later in build process to avoid incorrectly updating links when build fails in post-build actions, and links briefly pointing to a build that is not yet complete. (issue 2543)
Debian package no longer changes the permissions and owner of the jobs and .ssh directory. This is to improve upgrade speed and so that ssh works properly after upgrading. (issue 4047 and issue 5112)
Automatic tool installation wasn't honoring proxy setting. (issue 5271)
Fixed a bug that induces a NPE during list view column construction. (issue 5061)
Fixed a bug that can cause Hudson to fail to encode non-ASCII characters in URL. (issue 5155)
Added "process-test-classes" phase to Maven intercepter. (issue 2226)
Fixed a regression in the remote API in 1.341. (report)
Improved error diagnostics when failing to auto install Maven/Ant. (issue 5272)
Infer the default e-mail address more smartly with user IDs like "DOMAIN\user" (often seen in Windows) (issue 5164)
The hudson.model.Run.ArtifactList.treeCutoff property should not limit the number of artifacts shown by the API. (issue 5247)
Spanish translation made a great progress.

What's new in 1.341 (2010/01/15)

Completed fix started in 1.325 for updating bundled plugins, now working when security is enabled. (issue 3662)
TemporarySpaceMonitor and DiskSpaceMonitor fail to instantiate on fresh systems. (issue 5162)
/tmp space monitoring didn't work if /tmp is filled up completely.
Plugins can now control how builds are triggered when they declare downstream jobs. (issue 5236)
Hudson now detects a cyclic dependencies among plugins and report the error gracefully.
Extension points can now contribute multiple actions.
Responses to remote API calls now honor the "Accept-Encoding" header. (report)
Link to project changes summary instead of this build's changes for "still unstable" email. (issue 3283)
SCM retry count and "Block build when upstream project is building" is now available on matrix projects. (report)

What's new in 1.340 (2010/01/11)

Non ASCII chars get mangled when a new user is created. (issue 2026)
Fixed garbled mail text when default encoding is not UTF-8. (issue 1811)
Fixed a bug in the log rotation setting of RPM packages. (report)
Added a new CLI command to obtain list of changes by specifying builds.
Improved memory/swap monitoring on Solaris systems that doesn't have the 'top' command. (report)
User IDs in Hudson are now case preserving but case insensitive. (issue 4354)
CVS support is separated into a plugin, although it's still bundled by default for compatibility. (issue 3101)

What's new in 1.339 (2009/12/24)

slave.jar incorrectly shipped with a version number indicating a private build. (issue 5138)
Global MAVEN_OPTS weren't saving due to TopLevelItemDescriptors not being configured in global configuration. (issue 5142)
Make maven project more resilient to exceptions from plugins. (issue 3279)
Add the ability to configure low-disk space thresholds. (issue 2552)
Allow BuildWrapper tearDown code to detect when the build has failed. (issue 2485)
Add help regarding "Auto" repository browser selection and add support for this in Subversion plugin. (issue 2082)
Introduced a mechanism so that writing XSS-free code is easier. (discussion)

What's new in 1.338 (2009/12/18)

Maven projects will now use per-project MAVEN_OPTS if defined first, then global MAVEN_OPTS if defined, and finally as fallback, MAVEN_OPTS environment variable on executor. (issue 2932)
Expose upstream cause details via remote API. (issue 5074)

What's new in 1.337 (2009/12/11)

Matrix parent build shouldn't consume an executor. (issue 936)
Exceptions in one publisher shouldn't block all other publishers from running. (issue 5023)
Fixed OutOfMemoryError in JNLP agents that are running for too long. (issue 3406)
Auto installer for Maven couldn't be configured after the fact.
Fixed a bug that the form field validation couldn't handle <select> box. (report)
Fixed a possible "XYZ is missing its descriptor" storm. (issue 5067)
Group available plugins in Plugin Manager by category. (issue 1836)
Add sorting and link to directory browser for artifact list and tree display. (issue 4976)
Make links in build history for a view stay under that view. (issue 5021)
Automatically install dependent plugins. (issue 4983)
Implemented a proper serialization of multi-classloader object graph. (issue 5048)

What's new in 1.336 (2009/11/28)

Update or remove lastSuccessful/lastStable symlinks on filesystem as appropriate when a build is deleted. (issue 1986)
In-demand strategy could not relaunch agent nodes since 1.302. (issue 3890)
Actual cause for agent going offline was always masked by channel-terminated cause.
Improved display of why an agent is offline (don't incorrectly say "failed to launch").
Improved the error diagnostics on the failure to establish connection with JNLP agents early on.
Fix so configure-agent permission actually allows configuration of agents.
User pages showed add/edit description link to users without permission to edit, and guests were allowed to edit the user profile for anonymous user.
Debian package now demands full JRE, not just a headless JRE. (issue 4879)
Avoid exception if a plugin provides null for a dynamic node label. (issue 4924)
If restart is not supported, explain why. (issue 4876)
Matrix configuration builds should continue even when Hudson is about to shut down. (issue 4873)
Send build status email to valid addresses rather than aborting for one invalid address. (issue 4927)
Smart JDK/Maven/Ant auto installers aren't available for existing tool configurations.
Hudson can now run gracefully (albeit bit slowly) where JNA is not available. (issue 4820)
Add ability to delete users from Hudson. (issue 1867)
Gracefully detect the double loading of JNA instead of failing later with NoClassDefFoundError (detail)
Introduced a structure around the initialization process for better reporting and etc.
Debian packages creates Hudson user with /bin/bash to accommodate some tools that want a valid shell. (issue 4830)

What's new in 1.335 (2009/11/20)

Space in axis value for matrix type project was lost on reconfiguration. (issue 2360)
Remember me did not work with unix authentication. (issue 3057)
Node variables not passed through to Maven jobs. (issue 4030)
Fix handling of non-ASCII characters in external job submission. (issue 4877)
Job assigned to label that no longer has any nodes generates exception since 1.330. (issue 4878)
Custom workspace on Windows with just a drive letter or using forward slashes in path failed to build in 1.334. (issue 4894)
Core version number in plugin manager warning message was missing in 1.334.
Matrix build wasn't showing their full name in the executor list on the left.
Hudson's UDP broadcast/discovery now supports IP multicast.

What's new in 1.334 (2009/11/16)

Fixed a possible exception in submitting forms and obtaining update center metadata with Winstone in 1.333. (issue 4804)
Remoting layer was unable to kill remote processes. Prevented Mercurial plugin from implementing poll timeout on agents. (issue 4611)
Display of console output as plain text did not work in browsers since 1.323. (issue 4557)
Show "Latest Test Results" link even when a new build is running. (issue 4580)
Fix broken links for failed tests on build page for a matrix type project. (issue 4765)
"Enable project-based security" always comes up unchecked on configure pages in 1.333, so project permissions are lost if not rechecked before clicking Save. (issue 4826)
Project read permission was not enforced via /jobCaseInsensitive/jobname path.
Project configuration could be modified via POST to /job/jobname/config.xml with only "Extended Read" permission but not configure permission.
Fixed the over zealous escaping in the inlined unit test failure report.
Fixed OutOfMemoryError in Winp (issue 4058)
Write log message and ignore unrecognized permissions when loading XML. (issue 4573)
Fix in stapler so we don't redirect to "." which causes problem in some containers. (issue 4787)
List counts for duplicate cause entries for a build rather than listing many times. (issue 4831)
Plugin manager now shows warning for upgrade/install of plugins into a Hudson that is older than the plugin was built for. (issue 541)
CLI "build" command now supports passing parameters.
Job should provide doDescription to allow easy manipulation over http (issue 4802)
Improvement in the caching of the view templates.
Added new SaveableListener to be called when objects implementing Saveable are saved.

What's new in 1.333 (2009/11/09)

Fixed a performance problem in the file upload with Winstone. (report)
Allow non-absolute URLs in sidebar links that do not end with slash character. (issue 4720)
Build other projects "even when unstable" option was not working with Maven projects. (issue 4739)
When renaming a log recorder, check new name uses valid characters, remove config file for old name and redirect to new name after save.
Fixed ArrayIndexOutOfBoundsException in my view. (report)
Fixed a race condition in interrupting pending remote calls.
Retry shouldn't kick in if the build is aborted during checkout.
Hudson now sends "Accept-Ranges" header where it's supported. (report)
Hudson is internally capable of supporting multiple update sites.
Added a new "safe-restart" CLI command, also accessible at "/safeRestart", and used for post-upgrade/plugin install restart. (issue 4553)
Added "delete-builds" CLI command for bulk build record deletion.
Supported a relative path in the custom workspace directory, which resolves from FS root of the agent.
Fixed another NotExportableException when making a remote API call on a project. Broke NetBeans integration and possibly others. (issue 4760)

What's new in 1.332 (2009/11/02)

Fixed a regression in 1.331 where previously disabled plugins and their artifacts in build.xml can cause build records to fail to load. (issue 4752)
Fixed NotExportableException when making a remote API call on a project. (report)
Fixed IllegalArgumentException: name (report)

What's new in 1.331 (2009/10/30)

Fixed a memory leak problem with the groovysh Hudson CLI command. (issue 4618)
CVS changelog reports were incorrect if built from tags. (issue 1816)
Upstream projects list was lost when saving matrix type project. (issue 3607)
slave.jar now supports HTTP BASIC auth. (issue 4071)
Fixed a problem where taglibs defined in plugins cannot be seen from other plugins. (report)
Improved the UI of taking a node offline.
Added improved logging for exceptions encountered when attempting to invoke Maven in Maven projects. (issue 3273)
Automated tool downloads are made more robust by using HTTP download retries.
SCM information is now exposed via the remote API.
Added the "install-plugin" command to install plugins from CLI. (report)

What's new in 1.330 (2009/10/23)

Fixed NoSuchMethodError error during error recovery with Maven 2.1. (issue 2373)
RemoteClassLoader does not persist retrieved classes with package structure (issue 4657)
Update center switched over from https://hudson.dev.java.net/ to https://hudson-ci.org/
Use tree view to show 17-40 build artifacts on build/project pages. (issue 2280)
When showing why a build is pending, Hudson now puts hyperlinks to node/label/project names.
Custom workspace is now subject to the variable expansion. (issue 3997)

What's new in 1.329 (2009/10/16)

Fixed UI selector (hetero-list) to handle nested selectors (resolves conflict between Promoted Builds and Parameterized Trigger plugins). (issue 4414)
Fixed incremental Maven build behavior to properly handle new modules without hitting NPE. (issue 4624)
Added the "build" CLI command that can not only schedule a new build, but also wait until its completion.
Made visibility rules of test result remote API consistent with those for individual test cases.
Fixed a bug in the HTTP Range header handling. (report)
Fixed a bug in .cvspass form field persistence. (issue 4456)

What's new in 1.328 (2009/10/09)

Overview of all SCM polling activity was never showing any entries. (issue 4609)
Fixed a bogus IOException in the termination of CLI.
Fixed a bug in the form submission logic of the SMTP authentication configuration. (report)
Hudson shouldn't store SMTP auth password in a clear text. (report)
Improved the form validation in global e-mail configurations. (report)

What's new in 1.327 (2009/10/02)

Worked around a possible Windows agent hang on start up. (details)
Inability to access hudson.dev.java.net shouldn't prevent Hudson from working. (issue 4590)
Added a CLI command install-tool to invoke a tool auto-installation from Hudson CLI. (report)
Added column on plugin updates page showing currently installed version.
Build page now shows where the build was done.
Job-enabling API should reject GET requests (issue 3721)
Added an extension point for inserting actions across all projects without configuration. (report)
stdout, stderr, error details and the stack trace can be filtered out of the remote API representation of a test case with the depth parameter. (discussion)

What's new in 1.326 (2009/09/28)

Hudson fails to update a plugin due to a bug in the up-to-date check logic. (issue 4353)

What's new in 1.325 (2009/09/25)

Self restart was not working on Solaris 64bit JVM.
Fixed a possible NoSuchElementException in Hudson start up.
"Redeploy Maven artifacts" GUI causes NPE.
Permission check was missing for file mask validators.
Fixed a problem regarding SCM plugin evolution and SCM browser settings, as observed in the Mercurial plugin. (issue 4514)
Update center wasn't capable of updating bundled plugins, such as subversion.
Fixed a problem in the up-to-date check of the plugin extraction. (issue 4353)
Fixed a bug in the Debian package init script. (issue 4304)
Fixed an NPE in MavenBuild$RunnerImpl.decideWorkspace (issue 4226)
"Test e-mail" feature in the system configuration page wasn't taking most of the parameters from the current values of the form. (issue 3983)
If a Maven project is built with "-N" or "--non-recursive" in the goals, it will not attempt to load and parse the POMs for any modules defined in the root POM. (issue 4491)
Update center will create *.bak files to make it easier for manual roll back of botched upgrades.
Vastly improved the default MIME type table of the built-in servlet container.
Javadoc location is now subject to the variable expansions. (issue 3942)
JNLP clients now report the reason when the connection is rejected by the controller. (issue 3889)

What's new in 1.324 (2009/09/18)

Added call to MailSender in RunnerImpl.cleanUp so that mail gets sent for top-level Maven project as well as individual modules. This means mail will be sent if there are POM parsing errors, etc. (issue 1066)
Default value for password parameter in a parameterized project was not saved. (issue 4333)
Run sequentially option for Matrix project was not visible unless Axes was checked. (issue 4366)
Fix launching Windows agent for agent name with space or other characters needed encoding. (issue 4392)
Support authentication when running java -jar hudson-core-*.jar using username/password included in HUDSON_HOME URL; also removed dependency on winstone.jar. (issue 4400)
Fixed links on age values in JUnit test reports. (issue 4402)
Maven project POM parser now ignores empty modules or modules only containing whitespace, matching Maven's behavior. (issue 4442)
Fixed setting of "blockBuildWhenUpstreamBuilding" for AbstractProject - wasn't being set at all, or displayed. (issue 4423)
Handling of URLs with encoded character at end of a path component did not work in 1.323. (issue 4454)
Fixed some field validators to work for values including + character.
Fixed the charset encoding handling when different encodings are involved between the controller and agents. (patch)
Fixed a bug in the workspace archive support. (issue 4039)
Added client-side validator for required fields and used this to replace some AJAX calls.
JNLP clients perform periodic ping to detect terminated connections and recover automatically. (report)

What's new in 1.323 (2009/09/04)

Creation of symlinks failed (or created in wrong location) since 1.320. (issue 4301)
Fixed a NoClassDefFoundError problem that happens in remoting+maven+3rd plugin combo. report
Raw console output was doing XML escaping for '&' and '<' but it shouldn't.
Manually wiping out a workspace from GUI can cause NPE with some SCM plugins.
Fixed ClassCastException in JavaMail with some application servers. (issue 1261)
Fixed a bug in the tabular display of matrix projects. (issue 4245)
Avoid division by zero error in swap space monitor. (issue 4284)
Avoid duplicate My Views links after Reload configuration from disk. (issue 4272)
Removed need for hack that lowered build health scores by one, so now 4/5 is reported as 80 instead of 79. (issue 4286)
Fixed renaming a job to a name that includes a + character.
Matrix project did not properly handle axis values with some special characters such as slash. (issue 2670)
Added validation for axis names in Matrix project.
Ajax validator for name of a new job now warns about invalid characters.
Maven builder in freestyle projects now supports "Use private repository" option. (issue 4205)
Maven incremental builds now rebuild failed/unstable modules from previous builds, even if they are unchanged. (issue 4152)
Labels are listed in lexicographic order. (report)
Labels for nodes are shown in a tag cloud style. (patch)
Exposing load statistics to the remote API. (report)
Make dynamic labelling of nodes clearer and easier to work with.
Plugins can mark themselves as incompatible with earlier versions to notify users during upgrade. (issue 4056)
Footer now includes a timestamp.
Advanced option now available for all project types to keep builds in queue while upstream projects are building. Off by default. (issue 1938)
Fixed a bug in Winstone that hides the root cause of exceptions.

What's new in 1.322 (2009/08/28)

NPE in Subversion polling problem. (issue 4299)
Changing credential in Subversion can still result in "svn authentication cancelled" (issue 3936)
Debian init script now uses "su" to properly initialize the environment. (issue 4304)

What's new in 1.321 (2009/08/21)

"Tag this build" was failing. (issue 4018)
Build history AJAX update was buggy.
Failed Junit tests will display error message and stacktrace even when no additional TestDataPublishers are attached to the project. (issue 4257)
Maven test failures will again properly mark a build as unstable, even if later task segments are successful. (issue 4177)
Matrix permissions with LDAP now properly validates group names using configured prefix and case settings; added help text about these settings. (issue 3459)
Improved the debian package to set USER and HOME. (report)
Failed to look up an e-mail address for LDAP users shouldn't cause a build to fail. (report)
Fixed a possible NPE in Hudson.removeNode (report)
Debian start-up script should inherit LANG and other key environment variables.
Dynamic label computation wasn't re-done properly for the master node. (issue 4235)
Form validation for the remote FS root of agents was not functioning.
Privilege escalation on Solaris without username was not working.
Hudson can make mistakes in binding plugins to their right /plugin/NAME/ URLs. (report)
Hudson wasn't working on WebLogic on Windows. (report)
Fix New Job and Edit View links when default view is not "All" jobs. (issue 4212)
Revert logger settings when a log recorder is deleted. (issue 4201)
Add xml header on RSS/atom feeds and fix RSS URLs in header for non-default views. (issue 4080, issue 4081)
Plugin installation / Hudson upgrade are made more robust in the face of possible connection abortion. (report)
Global and per-node environment vars are made available to SCM checkout. (issue 4124)
You can designate certain combinations in a matrix project as "touchstone builds". These will be run first, and the rest of the combinations will run if the touchstone builds are successful. (issue 1613)
Added BUILD_URL and JOB_URL to the exposed environment variables. (request)
Added restart CLI command.

What's new in 1.320 (2009/08/14)

Fixed an encoding problem in CVS changelog calculation. (issue 3979)
Environment variables are considered in test paths. (issue 3451)
A failing test is recorded when JUnit XML is invalid (issue 3149)
Fixed possible Unable to call getCredential. Invalid object ID race problem. (issue 4176)
If the timing coincides between polling and build, Hudson ended up creating multiple workspaces for the same job, even when concurrent build is off. (issue 4202)
Fixed a "Releasing unallocated workspace" assertion error. (issue 4206)
Fixed NPE in various Maven reporters caused by Hudson core problem. (issue 4192)
Show warning if zero value entered for #builds/#days to save for discarding old builds (issue 4110)
Added create-job CLI command.
Hudson now tracks why an agent is put offline. (issue 2431)
User-settable descriptions for tests.
A history page with test count and duration charts. (issue 2228)
A collapsible panel with test error details on the overview pages.
Skipped tests counts are included in tables. (issue 1820)
New tests are shown in bold. (issue 2046)
JUnit report improvements: A new extension point for contributing to test reports.

What's new in 1.319 (2009/08/08)

Improved the start up error handling with slave.jar -jnlpUrl option. (report)
Made hetero-list's include of descriptor config pages optional, so that descriptors without config.jelly files don't break page rendering. (See here for background.
Moved Maven help files to maven-plugin. (issue 3527)
Hudson shouldn't immediately launch an agent newly created via copy. report
Added support for optional alternate Maven settings file for use in embedded Maven for POM parsing as well as actual Maven execution. (issue 2575)
Added a test button to the PAM configuration to make sure Hudson has read access to /etc/shadow (report)
Users can define their own views
Added a /me url that points to the current user
Added a new password parameter type to the parameterized builds. (report)
Matrix projects can now run sequentially (issue 3028)
Hudson now allows builds of a single project to execute concurrently.

What's new in 1.318 (2009/07/31)

Removed a problematic MIME type entry that prevents Hudson from deploying on JOnAS. (report)
Hudson can't restart itself on Mac, so don't pretend that it can. (report)
Fixed Maven plugin to properly use private repository (when specified) when parsing POMs. (issue 4102)
Edit Description worked incorrectly when default view is changed from All jobs. (issue 4070)
Fixed a bug in JDK auto-installation to Windows with directories with whitespaces. (issue 4118)
Added support for incremental Maven project builds, using Maven's make-like reactor mode.
Script console can now see classes from all the plugins, not just core. (issue 4086)
slave.jar now has the -auth option to specify the credential for accessing Hudson (report)
Debian package now depends on java2-runtime-headless instead of java2-runtime
Actions can now contribute environment variables. (report)
Modified the reconnection logic for agents connecting via JNLP so that it works better with protected Hudson. (report)

What's new in 1.317 (2009/07/24)

Fixed a bug in inferring root DN in non-anonymous LDAP environment. (report)
Fixed a MissingResourceException for "Ajp13Listener.ShortPacket" (issue 4053)
Fixed 500 error when requesting the zip URL. (issue 4039)
Debian package now has 750 permission on /var/run/hudson and /var/lib/hudson to make ssh work (issue 4047)
Fixed LinkageError in PAM authentication on Solaris. (issue 3546)
Fixed a JDK path separator issue between Windows controller and Unix agents.
Fixed a memory leak in the remoting layer. (issue 4045)
Fixed Maven dependency build order logic. (issue 2736)
Renaming views and jobs, and deleting jobs should use POST instead of GET. (discussion)
Improved the error diagnosis of "Processing failed due to a bug in the code"
Agents expose more information via the remote API now.
Exported BUILD_ID to the remote API. (report)
Don't let the agent TCP/IP connection port failure to prevent Hudson start up. (report)
If the user sets up "Hudson's own" security realm, UI now asks the first admin user to be created.
Windows service now does log rotation and handles whitespace in path correctly. (This is only applicable to newly installed services.) (report)

What's new in 1.316 (2009/07/17)

Matrix configuration should show a test trend. (issue 840)
Fixed a possible NPE in installing Windows service. (report)
Fixed a possible NPE in CrumbFilter.getCrumbIssuer. (issue 3986)
Login may result in 403 if the user realm is delegated to container. (issue 1235)
The --logfile option stopped working on Windows. (issue 3272)
On-demand retention policy almost immediately turns off agents. (issue 3972)
Fixed "incomplete LifecycleExecutor" warning with Maven 2.2 (issue 2373)
Fixed a bug in Winstone that may result in "unable to create new native thread" error (report)
Fixed a possible NPEs with the slavestatus plugin. (report)
Fixed a possible StringIndexOutOfBoundsException with Windows process execution. (issue 4034)
Fixed an NPE when environment variables are enabled but no variables are set. (issue 4032)
Added ibm-web-bnd.xmi to simplify the automated deployment with WebSphere. (issue 3270)
When deleting the workspace of a matrix project, do so for all configurations. (issue 3087)
Enclose URLs in angle brackets when sending mail. (issue 3647)
Plugins can now hide classes in the core so that they can ship their own versions. (report)
The default view is now configurable.
Tentatively added additional extension points to control queue behaviors. (patch)
Added support for proxy authentication on non-NTLM systems (issue 1920)
Added MIME type mapping for several well-known file extensions so that it works everywhere. (issue 3803)

What's new in 1.315 (2009/07/10)

Hudson failed to notice a build result status change if aborted builds were in the middle. (report)
TCP/IP hostname calculation of agents may fail due in high latency network. (issue 3981)
Expose MAVEN_OPTS as env. var, in addition to set it to Maven JVM. (issue 3644)
Fixed winp.dll load problem on WebSphere (report)
Subversion checkouts created files for symlinks (issue 3949)
Hudson CLI now tries to connect to Hudson via plain TCP/IP, then fall back to tunneling over HTTP.
Added ability to exclude by author and revision property with Subversion polling trigger.
CLI agents show details of how it failed to connect. (report)

What's new in 1.314 (2009/07/02)

Fixed a possible "Cannot create a file when that file already exists" error in managed Windows agent launcher. report
Made Hudson more robust in parsing CVS/Entries report
Fixed a regression in the groovy CLI command report
Fixed regression in handling of usernames containing <, often used by Mercurial. (issue 3964)
Allow Maven projects to have their own artifact archiver settings. (issue 3289)

What's new in 1.313 (2009/06/26)

Added copy-job, delete-job, enable-job, and disable-job command.
Fixed a bug in the non-ASCII character handling in remote bulk file copy. (report)
Supported self restart on all containers in Unix (report)
Added Retry Logic to SCM Checkout
Fix bug in crumb validation when client is coming through a proxy. (issue 3854)
Replaced "appears to be stuck" with an icon. (issue 3891)
WebDAV deployment from Maven was failing with VerifyError.
Subversion checkout/update gets in an infinite loop when a previously valid password goes invalid. (issue 2909)

What's new in 1.312 (2009/06/23)

1.311 jars were not properly signed
Subversion SCM browsers were not working. (report)

What's new in 1.311 (2009/06/19)

Gracefully handle IBM JVMs on PowerPC. (issue 3875)
Fixed NPE with GlassFish v3 when CSRF protection is on. (issue 3878)
Fixed a bug in CLI where the state of command executions may interfere with each other.
CLI should handle the situation gracefully if the server doesn't use crumb.
Fixed a performance problem in CLI execution.
Don't populate the default value of the Subversion local directory name. (report)
Integrated SVNKit 1.3.0
Implemented more intelligent polling assisted by commit-hook from SVN repository. (details)
Subversion support is moved into a plugin to isolate SVNKit that has GPL-like license.
Fixed a performance problem in controller/agent file copy. (issue 3799)
Set time out to avoid infinite hang when SMTP servers don't respond in time. (report)

What's new in 1.310 (2009/06/14)

Ant/Maven installers weren't setting the file permissions on Unix. (issue 3850)
Fixed cross-site scripting vulnerabilities, thanks to Steve Milner.
Changing number of executors for master node required Hudson restart. (issue 3092)
Improved validation and help text regarding when number of executors setting may be zero. (issue 2110)
NPE fix in the remote API if @xpath is used without @exclude. (patch)
Expose the node name as 'NODE_NAME' environment varilable to build.
Added a CLI command to clear the job queue. (report)
Sundry improvements to automatic tool installation. You no longer need to configure an absolute tool home directory. Also some Unix-specific fixes.
Generate nonce values to prevent cross site request forgeries. Extension point to customize the nonce generation algorithm.

What's new in 1.309 (2009/05/31)

Reimplemented JDK auto installer to reduce Hudson footprint by 5MB. This also fix a failure to run on JBoss. (report)

What's new in 1.308 (2009/05/28)

Unit test trend graph was not displayed if there's no successful build. (report)
init script ($HUDSON_HOME/init.groovy) is now run with uber-classloader.
Maven2 projects may fail with "Cannot lookup required component". (issue 3706)
Toned down the form validation of JDK, Maven, Ant installations given that we can now auto-install them.
Ant can now be automatically installed from ant.apache.org.
Maven can now be automatically installed from maven.apache.org.

What's new in 1.307 (2009/05/22)

AbstractProject.doWipeOutWorkspace() wasn't calling SCM.processWorkspaceBeforeDeletion. (issue 3506)
X-Hudson header was sent for all views, not just the top page. (report)
Remote API served incorrect absolute URLs when Hudson is run behind a reverse proxy. (report)
Further improved the JUnit report parsing. (report)
External job monitoring was ignoring the possible encoding difference between Hudson and the remote machine that executed the job. (report)
Agent launch log was doing extra buffering that can prevent error logs (and so on) from showing up instantly. (report)
Some failures in Windows batch files didn't cause Hudson to fail the build. (report)

What's new in 1.306 (2009/05/16)

Maven 2.1 support was not working on agents. (report)

What's new in 1.305 (2009/05/16)

Fixed a bug that caused Hudson to delete agent workspaces too often. (issue 3653)
If distributed build isn't enabled, agent selection drop-down shouldn't be displayed in the job config.
Added support for Svent 2.x SCM browsers. (issue 3357)
Fixed unexpanded rootURL in CLI. (report)
Trying to see the generated maven site results in 404. (issue 3497)
Long lines in console output are now wrapped in most browsers.
Hudson can now automatically install JDKs from java.sun.com
The native m2 mode now works with Maven 2.1 (issue 2373)

What's new in 1.304 (2009/05/08)

CLI didn't work with "java -jar hudson.war" (report)
Link to the jar file in the CLI usage page is made more robust. (issue 3621)
"Build after other projects are built" wasn't loading the proper setting. (issue 3284)
Hudson started as "java -jar hudson.war" can now restart itself on all Unix flavors.
When run on GlassFish, Hudson configures GF correctly to handle URI encoding always in UTF-8
Added a new extension point to contribute fragment to UDP-based auto discovery.
Rolled back changes for JENKINS-3580 - workspace is once again deleted on svn checkout. (issue 3580)

What's new in 1.303 (2009/05/03)

Fixed a binary incompatibility in UpstreamCause that results in NoSuchMethodError. Regression in 1.302. (report)
The "groovysh" CLI command puts "println" to server stdout, instead of CLI stdout.

What's new in 1.302 (2009/05/01)

The elusive 'Not in GZIP format' exception is finally fixed thanks to cristiano_k's great detective work (issue 2154)
Hudson kept relaunching the agent under the "on-demand" retention strategy. (report)
Extra slash (/) included in path to workspace copy of svn external. (issue 3533)
NPE prevents Hudson from starting up on some environments (report)
Workspace deleted when subversion checkout happens. (issue 3580)
Hudson now handles unexpected failures in trigger plugins more gracefully.
Use 8K buffer to improve remote file copy performance. (issue 3524)
Hudson now has a CLI
Hudson's start up performance is improved by loading data concurrently.

What's new in 1.301 (2009/04/25)

When a SCM plugin is uninstalled, projects using it should fall back to "No SCM".
When polling SCMs, boolean parameter sets default value collectly.
Sidebar build descriptions will not have "..." appended unless they have been truncated. (issue 3541)
Workspace with symlink causes svn exception when updating externals. (issue 3532)
Hudson now started bundling SSH Build Agents plugin out of the box.
Added an extension point to programmatically contribute a Subversion authentication credential. (report)
You can now configure which columns are displayed in a view. "Last Stable" was also added as an optional column (not displayed by default). (issue 3465)
Preventive node monitoring like /tmp size check, swap space size check can be now disabled selectively. (issue 2596, issue 2552)
Per-project read permission support. (issue 2324)

What's new in 1.300 (2009/04/17)

Javadoc browsing broken since 1.297. (issue 3444)
Fixed a JNLP agent problem on JDK6u10 (and later)
Added @ExportedBean to DiskSpaceMonitorDescriptor#DiskSpace so that Remote API(/computer/api/) works
Fixed a Jelly bug in CVS after-the-fact tagging

What's new in 1.299 (2009/04/10)

Cross site scripting vulnerability in the search box. (issue 3415)
Auto-completion in the "copy job from" text box was not working. (issue 3396)
Allow descriptions for parameters (issue 2557)
support for boolean and choice parameters (issue 2558)
support for run parameters. Allows you to pick one run from a configurable project, and exposes the url of that run to the build.
JVM arguments of JNLP agents can be now controlled. (issue 3398)
$HUDSON_HOME/userContent/ is now exposed under https://server/hudson/userContent/. (report)

What's new in 1.298

Release process failed in a wrong part and we ended up skipping this release number.

What's new in 1.297 (2009/04/06)

Fixed a plugin compatibility regression issue introduced in 1.296 (issue 3436)

What's new in 1.296 (2009/04/03)

Programmatically created jobs started builds at #0 rather than #1. (issue 3361)
Drop-down combobox to select a repository browser all had the same title. (report)
Disk space monitoring was broken since 1.294. (issue 3381)
Native m2 support is moved to a plugin bundled out-of-the-box in the distribution (issue 3251)
Hudson now suggests to users to create a view if there are too many jobs but no views yet.

What's new in 1.295 (2009/03/30)

NPE in the global configuration of CVS. (issue 3382)

What's new in 1.294 (2009/03/28)

Generated RSS 2.0 feeds weren't properly escaping e-mail addresses.
Hudson wasn't capturing stdout/stderr from Maven surefire tests.
Improved the error diagnostics when retrieving JNLP file from CLI. (report)
Making various internal changes to make it easier to create custom job types.
Introduced a revised form field validation mechanism for plugins and core (FormValidation)
Hudson now monitors the temporary directory to forestall disk out of space problems.
XML API now exposes information about modules in a native Maven job.

What's new in 1.293 (2009/03/20)

ZIP archives created from workspace contents will render properly in Windows' built-in "compressed folder" views. (issue 3294)
Fixed an infinite loop (eventually leading to OOME) if Subversion client SSL certificate authentication fails. (report)
NPE from artifact archiver when an agent is down. (issue 3330)
Hudson now monitors the disk consumption of HUDSON_HOME by itself.

What's new in 1.292 (2009/03/13)

Fixed the possible "java.io.IOException: Not in GZIP format" problem when copying a file remotely. (issue 3134)
Tool location name in node-specific properties always showed first list entry instead of saved value. (issue 3264)
Parse the Subversion tunnel configuration properly. (report)
Improved JUnit result display to handle complex suite setups involving non-unique class names. (issue 2988)
If the controller is on Windows and agent is on Unix or vice versa, PATH environment variable was not properly handled.
Improved the access denied error message to be more human readable. (report)

What's new in 1.291 (2009/03/10)

api/xml?xpath=...&wrapper=... behaved inconsistently for results of size 0 or 1. (issue 3267)
Fixed NPE in the WebSphere start up. (issue 3069)
Fixed a bug in the parsing of the -tunnel option in slave.jar (issue 2869)
Updated XStream to support FreeBSD. (issue 2356)
Only show last 150KB of console log in HTML view, with link to show entire log (issue 261)
Can specify build cause when triggering build remotely via token (issue 324)
Recover gracefully from failing to load winp. (report)

What's new in 1.290 (2009/03/06)

Fixed a regression in 1.286 that broke findbugs and other plugins. (report)
Fixed backward compatibility problem with the old audit-trail plugin and the old promoted-build plgin. (report, report)
On Solaris, ZFS detection fails if $HUDSON_HOME is on the top-level file system.
Fixed a regression in the fingerprinter & archiver interaction in the matrix project (report)
Added usage screen to slave.jar. Agents now also do ping by default to proactively detect failures in the controller. (from IRC)

What's new in 1.289 (2009/03/05)

Could not run java -jar hudson.war using JDK 5. (issue 3200)
Infinite loop reported when running on Glassfish. (issue 3163)
Hudson failed to poll multiple Subversion repository locations since 1.286. (issue 3168)
Avoid broken images/links in matrix project when some combinations are not run due to filter. (issue 3167)
Add back LDAP group query on uniqueMember (lost in 1.280) and fix memberUid query (issue 2256)
Adding an agent node was not possible in French locale (issue 3156)
External builds were shown in Build History of all agent nodes
Renewed the certificate for signing hudson.war (report)
Do not archive empty directories. (issue 3227)
Hyperlink URLs in JUnit output. (issue 3225)
Automatically lookup email addresses in LDAP when LDAP authentication is used (issue 1475)

What's new in 1.288 (2009/03/03)

The project-based security configuration didn't survive the configuration roundtrip since 1.284. (issue 3116)
Form error check on the new node was checking against job names, not node names. (issue 3176)
Plugin class is now optional.
Display a more prominent message if Hudson is going to shut down.
Builds blocked by the shut-down process now reports its status accordingly. (issue 3152)

What's new in 1.287 (2009/02/27)

Custom widgets were not rendered. (issue 3161)
Fixed a regression in 1.286 about handling form field validations in some plugins. (report)
Improved the robustness in changelog computation when a build fails at check out. (report)
Fixed a bug in loading winp.dll when directory names involve whitespaces. (issue 3111)
Switched to Groovy 1.6.0, and did so in a way that avoids some of the library conflicts, such as asm. (report)

What's new in 1.286 (2009/02/26)

Fixed NPE in Pipe.EOF(0) (issue 3077)
Improved error handling when Maven fails to start correctly in the m2 project type. (issue 2394)
Improved the error handling behaviors when non-serializable exceptions are involved in distributed operations. (issue 1041)
Allow unassigning a job from a node after the last agent node is deleted. (issue 2905)
Fix "Copy existing job" autocomplete on new job page if any existing job names have a quote character.
Keep last successful build (or artifacts from it) now tries to keep last stable build too. (issue 2417)
LDAP authentication realm didn't support the built-in "authenticated" role. (report)
Added RemoteCause for triggering build remotely.
Hudson is now capable of launching Windows agent headlessly and remotely.
Better SVN polling support - Trigger a build for changes in certain regions. (issue 3124)
New extension point NodeProperty.
Internal restructuring for reducing singleton dependencies and automatic Descriptor discovery.

What's new in 1.285 (2009/02/19)

Build parameter settings are lost when you save the configuration. Regression since 1.284. (report)
Indicate the executors of offline nodes as "offline", not "idle" to avoid confusion. (issue 2263)
Fixed a boot problem in Solaris < 10. (issue 3044)
In matrix build, show axes used for that build rather than currently configured axes. (issue 2407)
Don't let containers persist authentication information, which may not deserialize correctly. (report)
Always use some timeout value for Subversion HTTP access to avoid infinite hang in the read.
Better CVS polling support - Trigger a build for changes in certain regions. (issue 3123)

What's new in 1.284 (2009/02/17)

ProcessTreeKiller was not working on 64bit Windows, Windows 2000, and other minor platforms like PowerPC. (issue 3050, issue 3060)
Login using Hudson's own user database did not work since 1.283. (issue 3043)
View of parameters used for a build did not work since 1.283. (issue 3061)
Equal quiet period and SCM polling schedule could trigger extra build with no changes. (issue 2671)
Fix localization of some messages in build health reports. (issue 1670)
Fixed a possible memory leak in the distributed build. (report)
Suppress more pointless error messages in Winstone when clients cut the connection in the middle. (report)

What's new in 1.283

Fixed a concurrent build problem in the parallel parameterized build. (issue 2997)
Maven2 job types didn't handle property-based profile activations correctly. (issue 1454)
LDAP group permissions were not applied when logged in via remember-me cookie. (issue 2329)
Record how each build was started and show this in build page and remote API. (issue 291)
Added the --version option to CLI to show the version. The version information is also visible in the help screen. (report)
Hudson's own user database now stores SHA-256 encrypted passwords instead of reversible base-64 scrambling. (issue 2381)
Built-in servlet container no longer reports pointless error messages when clients abort the TCP connection. (report)
On Solaris, Hudson now supports the migration of the data to ZFS.
Plugin manager now honors the plugin URL from inside .hpi, not just from the update center. (report)
Hudson will now kill all the processes that are left behind by a build, to maintain the stability of the cluster. (issue 2729)

What's new in 1.282 (2009/02/08)

Matrix security username/groupname validation required admin permission even in project-specific permissions
Fixed a JavaScript bug in agent configuration page when locale is French. (report)
File upload from HTML forms doesn't work with Internet Explorer. (report)
Jobs now expose JobProperties via the remote API. (issue 2990)
Hudson now responds to a UDP packet to port 33848 for better discovery.
Improved the error diagnostics when XML marshalling fails. (report)

What's new in 1.281 (2009/02/05)

Remote API access to test results was broken since 1.272. (issue 2760)
Fixed problem in 1.280 where saving top-level settings with LDAP authentication resulted in very large config.xml (issue 2958)
Username/groupname validation added in 1.280 had broken images, and got exception in groupname lookup with LDAP. (issue 2959)
hudson.war now supports the --daemon option for forking into background on Unix.
Remote API supports stdout/stderr from test reports. (issue 2760)

What's new in 1.280 (2009/02/01)

Fixed unnecessary builds triggered by SVN polling (issue 2825)
Hudson can now run on JBoss5 without any hassle. (issue 2831)
Matrix security configuration now validates whether the username/groupname are valid.
"Disable build" checkbox was moved to align with the rest of the checkboxes. (issue 2951)
Added an extension point to manipulate Launcher used during a build.

What's new in 1.279 (2009/01/28)

Fixed a security related regression in 1.278 where authorized users won't get access to the system. (issue 2930)
Possible subversion polling problems due to debug code making polling take one minute, since 1.273. (issue 2913)
Computer page now shows the executor list of that computer. (issue 2925)
Maven surefire test recording is made robust when clocks are out of sync (report)
Matrix project type now supports sparse matrix. (issue 2813)
Plugins can now add a new column to the list view. (issue 2862)

What's new in 1.278 (2009/01/23)

The "administer" permission should allow a person to do everything. (discussion)
Parameterized projects supported for matrix configurations (issue 2903)
Improved error recovery when a build fails and javadoc/artifacts weren't created at all.
Support programmatic scheduling of parameterized builds by HTTP GET or POST to /job/.../buildWithParameters (issue 2409)
Create "lastStable" symlink on the file system to point to the applicable build. (report)

What's new in 1.277 (2009/01/20)

"Installing slave as Windows service" feature was broken since 1.272 (issue 2886)
Top level People page showed no project information since 1.269. (report)
Agent configuration page always showed "Utilize as much as possible" instead of saved value since 1.271. (issue 2878)
Require build permission to submit results for an external job. (issue 2873)
With the --logfile==/path/to/logfile option, Hudson now reacts SIGALRM and reopen the log file. This makes Hudson behave nicely wrt log rotation.

What's new in 1.276 (2009/01/16)

Ok button on New View page was always disabled when not using project-specific permissions. (issue 2809)
Fixed incompatibility with JBossAS 5.0. (issue 2831)
Unit test in plugin will now automatically load the plugin. (discussion)
Added direct configuration links for the "manage nodes" page. (discussion)
If a build has no change, e-mail shouldn't link to the empty changeset page.

What's new in 1.275 (2009/01/15)

Display of short time durations failed on locales with comma as fraction separator. (issue 2843)
Saving main Hudson config failed if more than one plugin used Plugin/config.jelly.
Added a scheduled agent availability.
Hudson supports auto-upgrade on Solaris when managed by SMF.
Removed unused spring-support-1.2.9.jar from Hudson as it was interfering with the Crowd plugin. (report)
Debian package now has the RUN_STANDALONE switch to control if hudson should be run as a daemon. (report)

What's new in 1.274 (2009/01/12)

Failure to compute Subversion changelog should result in a build failure. (issue 2461)
XML API caused NPE when xpath=... is specified. (issue 2828)
Artifact/workspace browser was unable to serve directories/files that contains ".." in them. (report)
Hudson renders durations in milliseconds if the total duration is very short. (report)
On Unix, Hudson will contain symlinks from build numbers to their corresponding build directories.

What's new in 1.273 (2009/01/11)

Load statistics chart had the blue line and the red line swapped. (issue 2818)
Artifact archiver and workspace browser didn't handle filenames with spaces since 1.269. (issue 2793)
The executor status and build queue weren't updated asynchronously in the "Manage Nodes" page. (issue 2821)
If SCM polling activities gets clogged, Hudson shows a warning in the management page. (issue 1646)
Added AdministrativeMonitor extension point for improving the autonomous monitoring of the system in Hudson.

What's new in 1.272 (2009/01/10)

Sometimes multi-line input field is not properly rendered as a text area. (issue 2816)
Hudson wasn't able to detect when .NET was completely missing. (report)
Fixed a bug where the "All" view can be lost if upgraded from pre-1.269 and the configuration is reloaded from disk without saving. (report)
If for some reason "All" view is deleted, allow people to create it again. (report)
JNLP agents is made more robust in the face of configuration errors. (report)
Upgraded JNA to 3.0.9 to support installation as a service on 64bit Windows. (report)
Remote XML API now supports the 'exclude' query parameter to remove nodes that match the specified XPath. (report)

What's new in 1.271 (2009/01/09)

Fix URLs in junit test reports to handle some special characters. (issue 1768, issue 2788)
Project name for external job was not shown in Build History.
SecurityRealms can now better control the servlet filter chain. (report)
Configuration of agents are moved to individual pages.
Hudson now tracks the load statistics on agents and labels.
Labels can be now assigned to the master. (issue 754)
Added cloud support and internal restructuring to deal with this change. Note that a plugin is required to use any particular cloud implementation.

What's new in 1.270 (2009/01/05)

Hudson version number was not shown at bottom of pages since 1.269.
Hudson system message was not shown on main page since 1.269.
Top level /api/xml wasn't working since 1.269. (issue 2779)
Fix posting of external job results. (issue 2786)
Windows service wrapper messes up environment variables to lower case. (report and WINSW-161)
Construct proper Next/Previous Build links even if request URL has extra slashes. (issue 1457)
Subversion polling didn't notice when you change your project configuration. (report)

What's new in 1.269 (2009/01/05)

Manually making a Maven project as upstream and free-style project as a downstream wasn't working. (issue 2778)
Allow BuildWrapper plugins to contribute project actions to Maven2 jobs (issue 2777)
Error pages should return non-200 HTTP status code.
Logger configuration wasn't working since 1.267.
Fix artifact archiver and workspace browser to handle filenames that need URL-encoding. (issue 2379)
Only show form on tagBuild page if user has tag permission. (issue 2366)
Don't require admin permission to view node list page, just hide some columns from non-admins. (issue 1207)
Fix login redirect when anonymous user tries to access some pages. (issue 2408)
Redirect up to build page if next/previousBuild link jumps to an action not present in that build. (issue 117)
Subversion checkout/update now supports fixed revisions. (issue 262)
Views are now extensible and can be contributed by plugins. (issue 234)

What's new in 1.268 (2008/12/28)

Fixed a bug in Subversion http check out over HTTP 1.0 server. (report)
Show badge in bug history only when artifacts are redeployed successfully. (issue 2764)
Some plugins cause NPE in the form validation of the config screen since 1.267. (issue 2771)

What's new in 1.267 (2008/12/24)

If a view name or job name contains whitespace, the navigation bar doesn't show the current positions correctly. (issue 2748)
Field validators in configure screen shouldn't require the admin permission where possible. (issue 2715)
Field validators for workspace file/directory/mask were missing a permission check. (issue 2755)
Project-based permissions granted to Anonymous were not applied to Everyone. (issue 2745)
Add health report in build history widget on project pages. (issue 2763)
If AWT doesn't work, Hudson reports an error now.
Improved logging facility.
Working around HttpServletResponse.sendRedirect() problem in WebSphere. (report)

What's new in 1.266 (2008/12/19)

If there was no successful build, test result trend wasn't displayed. (report)
Windows service installer wasn't handling the situation correctly if Hudson is started at the installation target. (report)
Always display the restart button on the update center page, if the current environment supports it. (report)
slave.jar now supports the -noCertificateCheck to bypass (or cripple) HTTPS certificate examination entirely. Useful for working with self-signed HTTPS that are often seen in the intranet. (discussion)
Add extension point to allow alternate update centers. (issue 2732)
Improved accessibility for visually handicapped.

What's new in 1.265 (2008/12/17)

PluginWrapper.getLongName() always returned short name because it uses wrong property name. (discussion)
Follow up fix to the StAX issue. (issue 2547)
Fixed inconsistencies in matrix security / authorization. (issue 1345)
Fixed NPE in Subversion enter credential page. (issue 2698)
UI fix for per-project security mode. (issue 2727)
Removed some links from the computer page if the current user lacks permissions. (issue 2730)
Show description on agent node status page (issue 1061)
Views should show display actions contributed to the top page. (issue 2713)
In project-based matrix security, global setting should be inherited to per-job setting. (issue 2186)

What's new in 1.264 (2008/12/16)

Hudson reportedly used to invoke Java plugin unnecessarily. This is fixed. (issue 2694)
Added anonymous usage statistics tracking with opt-out. (discussion)
Add available artifacts to XML API. (issue 2249)
Bumped up Groovy to 1.5.7. (issue 2191)
Can now append /*plain* to directory browsing in the workspace to get a plain-text dir listing.

What's new in 1.263 (2008/12/11)

Fixed a problem in handling of '\' introduced in 1.260. (issue 2584)
Fixed possible NPE when rendering a build history after an agent removal. (issue 2622)
JNLP descriptor shouldn't rely on the manually configured root URL for HTTP access. (discussion)
Use unique id which javascript uses when removing users from Matrix-based security. (issue 2652)
Hudson is now made 5 times more conservative in marking an item in the queue as stuck. (issue 2618)
Improved the variable expansion mechanism in handling of more complex cases.
XPath matching numbers and booleans in the remote API will render text/plain, instead of error.

What's new in 1.262 (2008/11/14)

Fixed a Java6 dependency crept in in 1.261. (issue 2623)
Setting up a manual dependency from a freestyle project to a Maven project didn't work. (report)
Use Project Security setting wasn't being persisted. (issue 2305)
Agent installed as a Windows service didn't attempt automatic reconnection when initiail connection fails. (report)
Maven builder has the advanced section in the freestyle job, just like Ant builder. (report)

What's new in 1.261 (2008/11/11)

Using Maven inside a matrix project, axes were not expanded in the maven command line. (report)
Fixed authentication so that login successfully after signing up. (issue 2594)
Fixed Project-based Matrix Authorization Strategy reverting to Matrix Authorization Strategy after restarting Hudson (issue 2305)
LDAP membership query now recognizes uniqueMember and memberUid (issue 2256)
If a build appears to be hanging for too long, Hudson turns the progress bar to red.

What's new in 1.260 (2008/11/05)

Fixed tokenization handling in command line that involves quotes (like -Dabc="abc def" (issue 2584)
Hudson wasn't using persistent HTTP connections properly when using Subversion over HTTP.
Fixed svn:executable handling on 64bit Linux systems.
When a build is aborted, Hudson now kills all the descendant processes recursively to avoid run-away processes. This is available on Windows, Linux, and Solaris. Contributions for other OSes welcome.
Improved error diagnostics in the update center when the proxy configuration is likely necessary. (discussion)
Improved error diagnostics when a temp file creation failed. (issue 2587)

What's new in 1.259 (2008/11/03)

If a job is cancelled while it's already in the queue, remove the job from the queue. (report)
Installing Hudson as a Windows service requires .NET 2.0 or later. Hudson now checks this before attempting a service installation.
On Hudson installed as Windows service, Hudson can now upgrade itself when a new version is available.
Hudson can now be pre-packaged with plugins. (report)
Supported the javadoc:aggregate goal (issue 2562)
Bundled StAX implementation so that plugins would have easier time using it. (issue 2547)

What's new in 1.258 (2008/10/30)

Fixed a class incompatibility introduced in 1.257 that breaks TFS and ClearCase plugins. (report)
Fixed a NPE when dealing with broken Action implementations. (issue 2527)

What's new in 1.257 (2008/10/28)

Fixed an encoding issue when the controller and an agent use incompatible encodings.
Permission matrix was missing tooltip text. (report)
Parameter expansion in Ant builder didn't honor build parameters. (report)
Added tooltip for 'S' and 'W' in the top page for showing what it is. (report)
Expanded the remote API to disable/enable jobs remotely.

What's new in 1.256 (2008/10/24)

Hudson had two dom4j.jar that was causing a VerifyError in WebSphere. (issue 2435)
Fixed NPE in case of changelog.xml data corruption (issue 2428)
Improved the error detection when a Windows path is given to a Unix agent. (report)
Automatic dependency management for Maven projects can be now disabled. (issue 1714)

What's new in 1.255 (2008/10/01)

Project-level ACL matrix shouldn't display "CREATE" permission. (report)
Fixed the serialized form of project-based matrix authorization strategy.
Fixed a bug where Hudson installed as service gets killed when the interactive user logs off. (report)
Timer-scheduled build shouldn't honor the quiet period. (report)
Hudson agent launched from JNLP is now capable of installing itself as a Windows service.

What's new in 1.254 (2008/09/26)

IllegalArgumentException in DeferredCreationLdapAuthoritiesPopulator if groupSearchBase is omitted. (report)
Fixed "Failed to tag" problem when tagging some builds (issue 2213)
Hudson is now capable of installing itself as a Windows service.
Improved the diagnostics of why Hudson needs to do a fresh check out. (report)

What's new in 1.253 (2008/09/24)

Fixed FormFieldValidator check for Windows path (issue 2334)
Support empty cvs executable and Shell executable on configure page (issue 1851)
Fixed parametric Project build when scheduled automatically from SCM changes (issue 2336)
"Tag this build" link shouldn't show up in the navigation bar if the user doesn't have a permission. (issue 2380)
Improved LDAP support so that it doesn't rely on ou=groups.
Project-based security matrix shouldn't show up in project config page unless the said option is enabled in the global config
Fixed NPE during the sign up of a new user (issue 2376)
Suppress the need for a scroll-bar on the configure page when the PATH is very long (issue 2317)
Now UserProperty objects can provide a summary on a user's main page. (issue 2331)
Validate Maven installation directory just like Ant installation (issue 2335)
Show summary.jelly files for JobProperties in the project page (issue 2398)
Improvements in French and Japanese localization.
JNLP agents now support port tunneling for security-restricted environments.
slave.jar now supports a proactive connection initiation (like JNLP agents.) This can be used to replace JNLP agents, especially when you want to run it as a service. (issue 779)
Added a new extension to define permalinks
Supported a file submission as one of the possible parameters for a parameterized build.
The logic to disable agents based on its response time is made more robust, to ignore temporary spike.
Improved the robustness of the loading of persisted records to simplify plugin evolution.

What's new in 1.252 (2008/09/02)

Fixed a queue persistence problem where sometimes executors die with NPEs.
PageDecorator with a global.jelly is now shown in the System configuration page (issue 2289)
On security-enabled Hudson, redirection for a login didn't work correctly since 1.249. (issue 2290)
Hudson didn't give SCMs an opportunity to clean up the workspace before project deletion. (issue 2271)
Subversion SCM enhancement for allowing parametric builds on Tags and Branches. (issue 2298)

What's new in 1.251 (2008/08/22)

JavaScript error in the system configuration prevents a form submission. (issue 2260)

What's new in 1.250 (08-22-2008)

Fixed NPE in the workspace clean up thread when the agent is offline. (issue 2221)
Hudson was still using deprecated configure methods on some of the extension points. (report)
Abbreviated time representation in English (e.g., "seconds" -> "secs") to reduce the width of the job listing. (issue 2251)
Added LDAPS support (issue 1445)

What's new in 1.249 (08-19-2008)

JNLP agent fails to launch when the anonymous user doesn't have a read access. (report)
Trying to access protected resources anonymously now results in 401 status code, to help programmatic access.
When the security realm was delegated to the container, users didn't have the built-in "authenticated" role.
Fixed IllegalMonitorStateException (issue 2230)
Introduced a mechanism to perform a bulk change to improve performance (and in preparation of version controlling config files)

What's new in 1.248 (08-15-2008)

Update center was failing to handle SNAPSHOTs correctly. (issue 2220)
Changed the servlet filter ordering to match Acegi documentation. (issue 2215)
Added an ability to manually wipe out the workspace.

What's new in 1.247 (08-12-2008)

Don't repeat the same "No suitable implementation found" error again and again in the log. (issue 2194)
Added a callback so that SCMs (like Perforce) can properly delete the workspace when workspaces on agents are garbage collected. (discussion)
Added a new extension point to listen to agent connection/disconnection activity.
Added a new RSS feed type that only shows the latest builds. (issue 1569)
Put the admin e-mail address to the RSS author field. (issue 179)
Detect the updates to hudson.war and report it. (discussion)

What's new in 1.245 (08-06-2008)

Fixed a regression introduced in 1.244 that causes NPE in Ant.perform() (issue 2177)

What's new in 1.244 (08-06-2008)

Fixed a bug with "mvn assembly:directory" in the native m2 job type. (issue 2122)
Improved the error diagnostics when Ant configuration is missing in the freestyle job. (issue 2163)
Link to security matrix table CSS was not working. (issue 2170)
Added a new extension point called "PageDecorator" to add HTML fragments to all pages. (discussion)
Improved the error detection of missing Maven configuration in the native m2 job. (report)
Recover from corrupted fingerprint records in certain cases. (issue 2012)

What's new in 1.243 (08-05-2008)

Launch Maven in the non-interactive mode. (report)
Improved Sventon integration to link to directories as well as files. (patch)
Hudson now uses Subversion 1.4 compatible format when creating a new workspace, while still supporting Subversion 1.5 compatible format if it's already there.
Progress in Japanese localization.
Monitor the response time of agents and cut unresponsive ones out.

What's new in 1.242 (08-01-2008)

Fixed a problem where not configuring Ant or Maven causes the global configuration submission to fail. This regression was introduced in 1.239. (report)
Fixed NPE in SVNKit. (report)

What's new in 1.241 (07-31-2008)

Fixed a data loss problem in Ant/Maven/etc global configuration when submitting a form. This regression was introduced in 1.239. (report, issue 2156)
Fixed a bug that prevented the matrix build job from loading correctly. This regression was introduced in 1.238. (report, issue 2140)

What's new in 1.240 (07-31-2008)

~~Fixed a bug that prevented the matrix build job from loading correctly~~. (report)
Fixed a suspected NPE in View.java:172 (report)

What's new in 1.239 (07-30-2008)

Fixed a JavaScript error in project-based matrix security. (discussion)
Issue a warning if 'localhost' is used as the URL. (discussion)
Made a patch to SVNKit to fix compatibility issues introduced by SVNKit 1.2.0 incorporated in 1.238.
Removed code duplication in the project-level matrix security feature.
Corrupted JUnit reports no longer cause a fatal problem. (discussion)

What's new in 1.238 (07-26-2008)

If forked Maven fails to start normally in the native m2 job type, Hudson was hanging.
Quiet period implementation is changed to work like what most people would expect. (discussion)
TCP port configuration on the controller for JLNP agents was not taking effect. (discussion)
Fixed a regression in the Debian package introduced in 1.237. (issue 2090)
Fixed "java.lang.SecurityException Changing the SecurityManager is not allowed" when launcing JNLP agents on some systems. (report)
Improved the error diagnostics when the text mode communication between the controller and agent sees illegal characters.
Simplified the form field validation logic in plugins. (report)
Brought in SVNKit 1.2.0-beta-2 to support svn:// access to Subversion 1.5 server. (issue 1856)

What's new in 1.237 (07-23-2008)

Fixed a possible NPE in parallel module builds in Maven.{noformat} (issue 2041)
If the remote shell that Hudson uses to launch an agent hangs, Hudson ended up forking a lot of remote shells. (issue 1705)
If e-mail delivery test fails, report a stack trace, not just the error message. (discussion)
Hudson now monitors execution of Maven report generation. (discussion)
Report test failure error message in JUnit report. (issue 2019)
Hudson now correctly notices when maven-javadoc-plugin is executed during site generation. (discussion)
Plugins can contribuet ServletFilter now. (issue 1573)
Plugins can be notified of a build start event. (issue 1915)
Access control model in Hudson internally is extended per job. UI to come. (issue 1504)
Builds can now take user-defined parameters given at the build schedule time. (issue 1914)

What's new in 1.236 (07-20-2008)

API .../computer/api/xml wasn't working. (issue 2097)
Fixed NPE in persisting a job when the security token is null. (issue 2089)
Installed plugin now has a link to Wiki. (discussion)
Improved the error detection for people who are trying to use network share for remote FS root. (discussion)
Improved the error diagnostics if "cvs log" fails. (discussion)
Extract the war file by default inside HUDSON_HOME by default. (issue 2098)

What's new in 1.235 (07-15-2008)

Read $M2_HOME/conf/setting.xml when doing Maven related things. (issue 1088)
Java 1.6 dependency crept into Hudson in 1.234. (issue 2063)
Patched jtidy locally to make Hudson work in WebSphere once again. (issue 1680)
Build history graph now shows unstable and aborted builds in proper color (discussion)

What's new in 1.234 (07-11-2008)

Fixed a concurrency issue around SimpleDateFormat. This manifests itself in many strange ways in a busy Hudson on a multi-core/socket systems.
Added a button to trigger status updates (issue 2013)
Improved the error handling for people who are trying to launch slave.jar outside Hudson and scratching their heads. (report)
Update center accepts HTTP proxy username/password. (issue 1833)

What's new in 1.233 (07-08-2008)

Debug exception message crept in to the trunk code. Regression in 1.232. (issue 2031)
Requiring HTTP POST to delete a job, to make this safer to expose as the remote API.
Adding a mechanism for plugins to contribute to the global configuration page directly.
Hudson can now monitor the swap space of agents.
Take the clock difference between controller and the agent into account when collecting test reports. (report)

What's new in 1.232 (07-03-2008)

Fixed an interference between auto refresh and inline description editing. (issue 193)
Fixed a bug in allowing plugins to contribute repository browsers (such as Trac.) (issue 1966)
Report an user friendly error message if the form was incomplete when copy a new job (issue 1953)
Fixed possible IndexOutOfRangeException when triggering downstream. (report)
Hudson can now discover the assembly files created by maven-assembly-plugin, even if they are not attached to the build. (report)
Executors are exposed to the remote API. (report)

What's new in 1.231 (07-02-2008)

Publisher.prebuild wasn't called for Maven builds. (report)
Fixed a bug in JNLP agent connection problems if the server runs behind a reverse proxy. (report)
Fixed possible NPE in attempting to save https://server/hudson/configureExecutors
Hudson now knows e-mail addresses of users in svn-based SourceForge projects. (issue 1979)
The remote API exposes all builds for a job with depth=2 or more. (report)
The remote API now exposes data as a Python script, in addition to existing JSON and XML. (report)
LDAP authentication now supports fine-tuning of group membership information. (issue 1971)
Javadoc archiver now has an option to keep javadoc for every successful build. (issue 1947)
When the agent has less than 1GB available disk space, Hudson will automatically mark the node as temporarily offline. (discussion)

What's new in 1.230 (06-27-2008)

Fixed a bug in launching JNLP agents when reverse proxy is involved. (report)
Upstream pseudo-trigger wasn't updating upstream m2 jobs correctly (or matrix job, for that matter.) (issue 1300)
Fixed a possible NPE in the form validation of project names.
Hudson now produces JSON with all the keys quoted.
Removed the assertion error inside layout.jelly / Functions.checkPermission (report)
Debian package improvements, notably run daemon as hudson user instead of root. (issue 1959)
More progress in German translation.

What's new in 1.229 (06-24-2008)

Start-up "Hudson is preparing to work" screen doesn't render with AssertionFailure. (issue 1936)
Changing a job name to the same name with different case resulted in an error. (report)

What's new in 1.228 (06-23-2008)

Plugin manager page wasn't hidden from anonymous users even when the security was enabled. (But the act of installation and so on was protected.) (issue 1875)
Hudson now ignores unrelated directories in $HUDSON_HOME/jobs. (Typically created by VCS.) (issue 1901)
Don't show build queue in Maven job pages if modules are not built in parallel. (issue 1892)
Update center now contains the brief overview for each plugin.
Update center now has links to Wiki. (issue 1896)
Update center now watches out for the need of proxy configuration and suggests a solution accordingly. (issue 1894)
If an SVN update fails because of pre-existing local files, revert to fresh check out. (issue 1882)
Fixed issue where agent configuration could not be saved. (issue 1913)
Hudson checks if the container uses UTF-8 to decode URls. (discussion)

What's new in 1.227 (06-20-2008)

Fixed a bug in configuring repository browsers. (issue 1891)
CVSROOT with "extssh" was incorrectly flagged as an error. (issue 1888)
Removed use of Calendar from the Run class to fix suspected thread safety related calendar corruption. (investigation)
Fixed an infinite redirect loop when Hudson is shutting down and the user is not authenticated. (issue 1872)
Hudson now notices that you run "mvn site" and archives its output automatically. (discussion)
Build queue is now exposed to the remote API. (issue 1886)

What's new in 1.226 (06-17-2008)

Anonymous user was able to modify user's description. This creates XSS vulnerability in Hudson. (issue 1868)
Attempting to fix the problem about "The internal default plexus-bootstrap.xml is missing" error. More reports appreciated. (discussion)
Take the -f option into account when auto-correcting the base directory. (issue 1782)
"Hudson is loading" page was supposed to return 503 but it wasn't doing it
BuildWrapper can now contribute project-level actions, too. (discussion)
Hudson now performs environment variable expansions for commands to be launched, like shell does. (discussion)

What's new in 1.225 (06-16-2008)

Fixed a leak in Winstone that can cause "ReqPool: Max requests in pool exceeded - denied" (issue 1838)
LDAP authentication with non-empty manager DN/password was not working correctly. (issue 1802)
Users had to have the Administer privilege to "Keep this Build Forever" or "Delete this Build". The Run|Update and Run|Delete privileges (correspondingly) control this now. (issue 1668)
NumberFormatException in log for variants where build numbers are non-numeric (issue 1815)
You can now use "#!/bin/perl" (or anything else) in shell script to run it with different script interpreters. (issue 1812)
On systems with agents you can now configure the utilization mode of master. (report)
You can now check when the update center obtained data from our server, as well as manually force update. (issue 1849)

What's new in 1.224 (06-13-2008)

"This is a tag, not a branch" option in CVS wasn't loaded in HTML page correctly, causing configuration loss.
Proxy setting in the update center was not working for HTTPS server. (report)
"Upload plugin" form was not working. (report)
Creating a view by using non-ASCII characters resulted in 404 during redirection. (issue 1853)
Re-implemented the proxy server support in the update center not to use system global properties. (issue 1841)

What's new in 1.223 (06-11-2008)

Users should be allowed to configure himself regardless of the permission setting.
Plugins that are already installed shouldn't show up in the "available" list. (discussion)
Fixed NPE when trying to reset the proxy setting in the update center (discussion)
"Hudson's own user database" can be now configured to prevent sign-up.
Administrator can now create user accounts for others (issue 1193)
Authentication failure now leaves the INFO log on Hudson server log.
Maven jobs can be now executed with its own private local Maven repository for better isolation. (issue 1044, issue 1282)

What's new in 1.222 (06-09-2008)

A build in progress shouldn't be deletable. (issue 1525)
JSONObject was null in UserPropertyDescriptor.newInstance(StaplerRequest, JSONObject). (issue 1793)
Downstream builds are now triggered in the dependency topological order to help reduce redundant builds. (patch)
Hudson now tries to auto-correct the problem when users makes a wrong assumption about the base directory against which the relative build.xml path is resolved. (issue 1782)
Hudson now has an update center to simplify the installation of new plugins.

What's new in 1.221 (06-04-2008)

Some test result pages were incorrectly using absolute URLs. (issue 1767)
Fixed a regression in 1.220 about a newly introduced permission. (issue 1773)
The sidepanel in the user page was empty because of the security changes in 1.220. (issue 1778
Improved the performance of the native Maven2 job types. (issue 1762, issue 1772)

What's new in 1.220 (06-02-2008)

Hudson added '/' to the menubar links incorrectly on some cases. (issue 1679)
Configuring a job required more permissions than it should have been. (issue 1750)
Improved error diagnosis in the subversion credential dialog. (discussion)
The Hudson Webstart application can now be started in a headless environment by setting the system property hudson.webstart.headless to true. (issue 1732)
Custom SMTP port can be specified for sending e-mail. (issue 984)
Hudson is now smart enough to avoid recording the same test result in files like TESTS-TestSuite.xml multiple times (discussion)
Added extensibility point for per-project security setting. (issue 1158)
Plugins can now contribute ServletFilters (issue 1573)

What's new in 1.219 (05-27-2008)

Hopefully fixed the hang issue with Windows & Maven2 builds. (issue 1458)
Hudson's own user database had a huge bug that everyone was automatically considered as a member of the "admin" group. (issue 1648)
When a job is being deleted, first disable the job to prevent concurrent builds.
Fixed NPE in fingerprinting. (issue 1672)
cc.xml reported incorrect lastBuildLabel and lastBuildTime. (issue 1734)
LDAP form validation didn't handle manager DN/password appropriately. (issue 1589)
Tagged builds now get a badge next to it, just like locked builds. (issue 1730)

What's new in 1.218 (05-21-2008)

Fixed NPE when launching a new agent. discussion
The Hudson Webstart application can now be started in a headless environment by setting the system property hudson.master.headless to true. (issue 1732)

What's new in 1.217 (05-21-2008)

1.216 introduced a dependency to Java6 report

What's new in 1.216 (05-21-2008)

Fixed a problem where Hudson CVS polling with CVSNT and pserver detects a phantom changes. discussion
Fixed a bug in handling svn:external (issue 1539)
When Hudson fails to successfully launch an agent, terminate the pending connection. (issue 1705)
java -jar hudson.war no longer uses a temporary directory to avoid interference with programs like tmpwatch (report 1, 2)
If the subversion workspace is locked, Hudson wipes it out and retries. (issue 1459)
Free-style project can now have a user-specified workspace. discussion
Improved the robustness of CVS version parsing. (issue 1696)
Agent start methods are now an extension point. (This is required to fix issue 877)
Configuration of the executors is split out from system configuration. (issue 1632)

What's new in 1.215 (05-16-2008)

Agent configuration fails to persist. (issue 1704)
Browser with JavaScript disabled should still be able to create a new job. (discussion)
More progress in Japanese localization.
Hudson now accepts SSH private key in the PuTTY's .ppk file format. (discussion)

What's new in 1.214 (05-14-2008)

After-the-fact deployment of artifacts stopped working since 1.212. (issue 1671)
Workspace no longer throws NPE when showing folders or files that Hudson does not have permission to read. (issue 1633)
Workspace no longer throws NPE if the last used agent for a job is offline. (issue 1657)
Controller on Java6 + agents on Java5 shouldn't cause NoSuchMethodError. (issue 1568)
Fixed incorrect test result links when project name contains spaces. (issue 1666)
More progress in Japanese localization.
Supported HTTP DELETE method on job top page to delete it. (discussion)

What's new in 1.213 (05-02-2008)

Auto refresh should be disabled on plugin management page and the SVN credential dialog. (report)
Reduced the size of test trend graph when the browser runs in a low resolution.
Hudson now handles aggregated javadoc in a m2 job correctly.
Be more forgiving in the specification of the root POM in the native m2 projects. (issue 1293)
Maven projects now support build wrappers. (patch)
Improved marking of mandatory fields in Add agent page. (issue 1530)
Added View workspace permission to the matrix-based security. (issue 434)

What's new in 1.212 (04-28-2008)

Starting this version, Hudson no longer installs remotely built Maven artifacts into the controller's ~/.m2 repository.
Fixed a possible infinite loop in class loading.
Improve the robustness of the CVS changelog parsing. (patch)
Auto-configured project dependency shouldn't get mixed up with manually added dependencies in the config page. (patch)
Build triggering needs to be done for automatically declared dependencies, even when no manual dependencies are specified. (discussion)
Fixed for "Modules" link from SCM polling page. (issue 1578)
Improved error diagnostics when the incorrect path to M2 is specified for the native m2 job type. (report)

What's new in 1.211 (04-24-2008)

Hudson disables a project with Subversion too eagerly, when the user makes a mistake in the SVN URL. (issue 1567)
Fixed a possible NPE when renaming an agent. (issue 1564)
In some circumstance, a cancelled build can also kill its next build. (issue 1583)
Hudson can now handle optional dependencies to other plugins. (report)

What's new in 1.210 (04-19-2008)

Hudson can now wipe out files in a directory even if the directory is not writable.
Distributed builds and native Maven job types were not working with OC4J. (report)
Version-less plugin dependency from m2 builds don't create erroneous upstream/downstream relationship. (report)
Hudson interprets Win32 error code and displays human readable error message. (report)
Tokenization now handles quotes and escapes like Unix shell does. (issue 1553)

What's new in 1.209 (04-16-2008)

Internet Explorer fails to submit a form. (issue 1538)
Upstream/downstream relationship in the mave2 job type now takes versions into account. (issue 1425)
Hudson incorrectly dropped XPP3 jar. (issue 1558)
~~Distributed builds and native Maven job types were not working with OC4J.~~ (report)

What's new in 1.207 (04-15-2008)

After-the-fact Maven deployment wasn't working for POM-only modules. (issue 1508)
Supported LDAP server that doesn't allow anonymous bind. (issue 1132)
Improved LDAP error diagnostics. Until the first successful authentication, login error will be reported at WARNING log level. (report)
Improved the loading of broken job data from disk. (issue 1537)
The first cut of Dutch localization is now available, thanks to Wim Rosseel

What's new in 1.206 (04-09-2008)

Fixed NPE in the SCM polling. (issue 1523)
Fixed a bad CSS link in the system configuration page. (issue 1526)
A build in progress shouldn't be deletable. (issue 1525)
Cancellation of a job during svn check out had undesirable side effect. (issue 1524)
Close stream more aggressively to prevent 0-byte changelog XML (issue 1509)
Don't display the login form when the access is denied (issue 1510)

What's new in 1.205 (04-08-2008)

Individual Maven module build records should be kept if the project build record is kept. (report)
Upstream/downstream build relationship among Maven2 jobs were not correctly tracked.
Added a new publisher that aggregates test results from downstream builds.
Remoting API now exposes information attached by plugins (issue 1473)
Fingperprint record format is improved for better performance.
First version to be released from Subversion repository.

What's new in 1.204 (04-05-2008)

Remoting API now serves properly escaped URLs (issue 1464)
Cron trigger can get behind the schedule. Now it automatically catches up if that happens. (issue 1512)
Fixed an NPE when the container persists sessions across JVMs. (issue 1482)
Use platform default encoding to encode non-ASCII file names into zip file. (report)
Updated to YUI 2.5.1
~~Remoting API now exposes information attached by plugins~~ (issue 1473)

What's new in 1.203 (04-03-2008)

CVS polling was not working if it's configured to pull a tag (issue 1471)
JUnit report XML parsing was incorrectly handling stdout/stderr in some cases. (issue 1472)
The remoting API was made robust in the face of plugins (issue 1474)
Hudson now serves help files with a specific charset to avoid encoding related issues on some container. (issue 1491)
Added script console for agents.
When Hudson is preparing to shut down, always display the message. (issue 942)
Improvements in Russian, Brazilian Portuguese and Japanese localization.

What's new in 1.202 (04-02-2008)

If all executors are busy, the queue status was not getting updated.
Fixed a file handle leak in wagon-webdav. (WAGON-104)
Moved the module list in a Maven project to another page.
Updated to svnkit 1.1.6 equivalent.
Display why matrix configuration build is blocked. (issue 1455)

What's new in 1.201 (03-29-2008)

Renaming plugins from their original names no longer cause problems in plugins. (issue 794)
Built-in servlet container wasn't handling '+' in job/view names correctly. (issue 728)
Internet Explorer users couldn't add users/groups to the authorization matrix table. (report)
Fixed a NullPointerException when parsing SoapUI junit xml reports. (issue 1463)
Build configuration UI is changed to support multiple builders with control of execution order. (issue 37)
Improvements in Russian, Brazilian Portuguese and French localization.

What's new in 1.200 (03-22-2008)

Allow plugins to register actions with absolute URLs. (issue 1335)
Work around the trailing slash issue in ANT_HOME (issue 1452)
Hudson starts monitoring agents little more eagerly, so that by the time a human comes to https://server/hudson/computer/ the information is ready.
Added a switch to disable CVS changelog computation. (issue 1346)
Improvements in Turkish localization

What's new in 1.199 (03-20-2008)

login error should result in 401 status code. (issue 1441)
Fixed internal databinding problem when the repeatable object only has one item. (issue 1443)
In the page that creates a new job, the form validation kicks in before the text box loses the focus (issue 1429)
Updated to work with Sventon 1.4 (issue 1449)
Started to capture fingerprints of POM in Maven2 projects. (issue 1438)
Artifact listing now prints a part of path if that's necessary to disambiguate names (issue 1435)

What's new in 1.198 (03-19-2008)

Native maven2 job types didn't work with Surefire < 2.4 (issue 1340)
When legacy authentication is used with no view permission for anonymous users, successful login takes the user to a wrong page.
"Remember me" doesn't work with the servlet authentication mode, so removed the UI.
Form validation for "* * * * *" was failing. (issue 1428)
URLs should stay within a view when a job is created inside a view.
Localizatoin improvements in Russian, Brazilian Portuguese, Japanese, and French.

What's new in 1.197 (03-17-2008)

NPE when loading TestNG reports in the maven2 jobs. (issue 1426)
Fixed a permission related problem when two users try to run Hudson with "java -jar hudson.war" on the same machine. (report)
Fixed a bug in Winstone so that it purges temporary directory correctly during upgrade. (issue 1408)
Job configuration can be now updated from the remote API. (issue 1190)
Locale-specific resource selection is now available to plugins. (report)
Error checks on crontab format is improved to detect typical mistakes like "* */4 * * *" (issue 1406)
Hudson now workarounds bugs in IBM JDK and WebSphere. (discussion)

What's new in 1.196 (03-15-2008)

Loss of workspace shouldn't result in a new build with Subversion. (issue 1348)
Don't try to archive surefire reports if tests are skipped (issue 1340)
After-the-fact deployment of Maven artifacts weren't setting the right file extension when custom ArtifactHandler is involved during a build.
Test failures in the native m2 job should make builds yellow, not red. (report)
Actions to edit and delete view lists are now only shown for autohrized users. (issue 1416)
Added ability to include jobs to a view using a regular expression. (issue 490)

What's new in 1.195 (03-13-2008)

Fixed IllegalArgumentException when trying to submit configuration for Matrix job (issue 1410)
Attempt to set a log level to inherit from the UI has been causing 500 error. (issue 1411)
Stopping a build could have resulted in NPE, depending on timing (issue 1412)
Tag SCM after-the-fact was not working. (issue 1415)
Fixed a bug in using wagon-webdav on Hudson (this is still a temporary solution.)
After-the-fact deployment of Maven artifacts shouldn't kick in if a build failed or is unstable.
Added remote API support for master and agent nodes (issue 1315)
More progress on Turkish localization.

What's new in 1.194 (03-13-2008)

Hudson occasionally incorrectly report "0 tests started to fail". (issue 1389)
Redeployment of artifacts wasn't picking up <server> information from ~/.m2/settings.xml
Package empty directories in a zip file. (issue 1398)
'@xxxx' syntax wasn't working in the cron setting. (issue 1342)
Hudson wasn't creating symlinks correctly on file systems with the m2 job type.
Fixed a bug in selecting the proper languages for messages on systems where the default locale is not English. (report)
Added an extension point for plugins to add icons to the "manage Hudson" page.

What's new in 1.193 (03-11-2008)

There was a data corruption issue when you submit configuration for freestyle jobs.
Improvement in French and Turkish localization.

What's new in 1.192 (03-11-2008) Please use 1.193

Matrix configuration run shouldn't wait for the quiet period. (issue 1388)
Remote API for users were not working when the security is enabled. (issue 1393)
Handling of absolute path in various places weren't correct. (issue 1394)
Fixed a dead lock (issue 1390)
Added extension point to infer e-mail address from SCM information. (issue 1139)
Improvements to French and Brazilian Portuguese localization.

What's new in 1.191 (03-10-2008) Please use 1.193

When explicit downstream dependencies are configured, Maven2 jobs were scheduling them twice.
Maven module builds now have stable URLs within the whole build. (issue 1384)
Fixed HTML rendering issue in long view name with IE. (issue 1378)
Hudson wasn't performing the name safety check on renaming views. (issue 1377)
Fixed a bug that prevented build-timeout plugin from working on the latest Hudson.
Added after-the-fact deployment support for the maven2 jobs. (issue 552, issue 959)
Improvements to Japanese and Turkish localization.

What's new in 1.190 (03-07-2008)

Downstream triggering now happens "correctly" with the matrix job type (issue 1371)
Require login before an user starts to modify configuration, to prevent a loss of changes. (issue 1360)
Fixed a bug in handling of non-ASCII characters in URL with Winstone. (issue 1352)
Possibly fixed a performance problem on some system regarding the use of fingerprint. (discussion)
Hudson now tries to automatically attempt to reconnect agents after a failure (issue 1364)
Initial Turkish localization, thanks to Oğuz Dağ. (announcement)

What's new in 1.189 (03-07-2008)

Fixed bug in collecting of TestNG test results in Maven projects. (issue 1337)
Fixed a bug in the form field validation of POM location in the maven2 job type.
Fix for aggregated test result graph for Maven project not showing skipped tests. (issue 1362)
JobPropertys were not invoked with the Maven2 job type.
Initial Russian translation contributed by Mike Salnikov (announcement)

What's new in 1.188 (03-05-2008)

The "perform the build once to parse POM" message needed to have zero-delay query parameter.
Hudson URL is now exposed to build as the environment variable HUDSON_URL (report)
A pending build can be now canceled from within the build history list. (issue 1356)
Implemented a smarter Y-axis auto ranging algorithm for build time trend. (issue 1246)
A node and a view now have its own aggregated build history view. (issue 1174)

What's new in 1.187 (03-04-2008)

Fixed bug in displaying the password field on a user page when using Hudson's own user database. (issue 1284)
When a custom location of the build script is specified, Hudson sets the current directory to the directory of the build script, to forestall unnecessary hassle. (report)
Improved error diagnostics so that we can catch containers that are forcing older versions of Ant. (report)
German translation is making more progress.

What's new in 1.186 (02-29-2008)

Build descriptions edited in the UI were not persisted correctly. (issue 1331)
Fixed a bug in handling user names that include '.' (issue 1227)
Fixed a performance bug in Winstone wrt serving a large file. (issue 1275)
Fix for NullPointerException parsing test results. (issue 1317)
Matrix project now shows project actions. (report)
Error diagnosis is improved for missing artifact archive configuration. (issue 1307)
Error diagnosis is improved when two Hudson instances collide on each other on the same data directory (report)

What's new in 1.185 (02-26-2008)

Builds are now run with the proper security privileges to do the work.
The certificate used for signing hudson.war has been expired, so it was renewed.
More progress on Japanese translation.
German translation is started and is making a good progress, thanks to Simon Wiest.

What's new in 1.184 (02-13-2008)

Fixed a bug where build dependencies in the native m2 job type may create self-recursion. (issue 1266)
Adding WEB-INF/jonas-web.xml to make it work nicely within JONAS. (issue 1276)
External job monitoring now avoids buffering the entire output on memory. (issue 1283)

What's new in 1.183 (02-10-2008)

Some form field validation errors were incorrectly reported as warnings. (issue 1273)
~~Fixed a regression where downstream m2 jobs are not automatically triggered.~~ (issue 1266)
StringIndexOutOfRangeException during authentication in some environment. (issue 1274)
Fixed a bug in the remote API for the test cases. (issue 1258)
Native m2 jobs now displays upstream/downstream project links.
"Build now" really builds now, without any delay. (issue 356)

What's new in 1.182 (02-09-2008)

removed MSVCR90.DLL dependency on Windows when trying to abort builds. (issue 1245)
Fixed an NPE in permission check of aborting a build. (issue 1270)
Fixed a bug in parsing TestNG report files. (report)

What's new in 1.181 (02-08-2008)

If the CVS configuration is changed, polling should notice and start tracking the new location. (issue 1262)
Integrated Winstone 0.9.10 to pick up various bug fixes. (issue 693)
Fixed a polling bug in svn:externals when the reference is with the -r option. (issue 898)
Even if anonymous users don't have the read permission, they should be allowed to sign up. (issue 1192)
Cron syntax now supports Debian extensions like @weekly (issue 1255)
Improved an error diagnostics when the temporary directory is misconfigured. (report)
French translation effort is making a good progress. Thanks to Eric Lefevre
When aborting a build on Windows, Hudson now terminates child processes recursively. (issue 1245)

What's new in 1.180 (02-05-2008)

Fixed a bug in the Windows/Unix handling logic when a file path includes ':' in Unix. (issue 1248)
Hudson couldn't serve "access denied" error page to users without the read access to Hudson. (issue 1250)
Fixed a bug so that the password field doesn't appear in the user configuration page unless "Hudson's own user database" is enabled. (report)
Hudson now tries to detect the subversion server time stamp to avoid clock out of sync problems (issue 1244)
When artifact archiving fails to find any artifact, Hudson tries to diagnose the problem now. (report)
Improved the form validation heuristics in the file mask check. (report)

What's new in 1.179 (02-03-2008)

JNLP agents stopped working since 1.175. (issue 1237)
Improved JUnit report file parsing robustness. (issue 1233)
Test result trend charts were not updated when a build fails. (issue 1230)
Changed code so that plugins can never inadvertently update build timestamps. (issue 1084)

What's new in 1.178 (02-03-2008)

Skipped tests (TestNG) are no longer treated as if they had passed. (issue 1251)
Hudson now issues an error if it detects that two Hudson instances are running on the same data. (issue 1236)
Exposed the build time stamp, just like build numbers. (issue 832)
Added password confirmation text box.
JUnit test results are now exposed through the remote API
Agent listing page now includes the architecture and OS of the agents.
Publishers are now available to the native m2 job type.

What's new in 1.177 (01-30-2008)

Removed the extra '$' sign from the permalinks that have accidentally crept in. (issue 1232)
Fixed a bug in SMTP authentication handling. (report)
Fixed a bug in handling CVS module names with space. (issue 1234)
Build time descriptions are now more precise. See the mailing list discussion for more details. (issue 1160)
Added a Subversion repository browser implementation for CollabNet-powered sites (these include Java.net, Tigris.org and BEA's dev2dev).

What's new in 1.176 (01-25-2008)

Fixed a regression in 1.175 with LDAP authentication (issue 1208)
Fixed a regression in 1.175 where the deployment fails on some containers due to the initialization order. (issue 1210)
CVS check out / update now cleans up sticky date tag, and checking out CVS tags are now supported. (issue 229)
Jobs are now sorted case insensitively. (issue 1211)
Environment variable expansions now work in MAVEN_OPTS setting. (report)

What's new in 1.175 (01-21-2008)

Don't allow # of executors to be 0. (issue 734)
More Japanese localization and improved i18n support
Added "remember me" feature to the login screen.
Improved i18n support. Static HTML files can be now localized.
Added a probe to the running Maven process to assist trouble-shooting.

What's new in 1.174 (01-19-2008)

Fixed NPE in the remote API job creation during error recovery. (report)
Supported multi-select <SELECT> element for plugins (report)
Fixed a rendering bug in build history. (issue 1189)
TestNG DTD is bundled to avoid network traffic when TestNG XML reports are parsed. (report)
Removed pointless svn update line about directories.

What's new in 1.173 (01-17-2008)

Fixed an HTML rendering issue in the agent list page.
Fixed an assertion error when security is enabled with Tomcat. (report)
Native m2 builds now launch Maven with the current directory set just like CLI tends to be run. (issue 1185)
Fixed the stall cache problem in AJAX-based project/build description editing (issue 1176)
Fixed a bug where the user password may be lost when the e-mail address is manually set. (issue 1178)
Improved form field validation in the maven2 job type.
When using Hudson's own user database, password can be now reset via the web UI.

What's new in 1.172 (01-16-2008)

Fixed a broken link in the help of "Hudson's own user database" (issue 1170)
"Send e-mail for every unstable build" is not persisted in the maven configuration. (issue 1172)
Unlike Ant, Hudson won't use whitespace as a pattern separator (instead, only ','.) (issue 1175) INCOMPATIBLE CHANGE: you must now insert commas into artifact or test includes.
Fixed a bug in RSS links in HTML HEAD. (issue 1177)
Fixed HTML rendering issues of the login link with IE.
Fixed the bug where the Ant/Maven installation choice is not sent when configuring job with IE7. (issue 1147)
Steady progress on Japanese translations in the past several releases (screenshot)
Allowing plugins to extend the navigation menu on left hand side of the top page. (report)

What's new in 1.171 (01-14-2008)

Fixed inconsistent use of button visual style.
Fixed a bug where some operations are hidden even from privileged users if they don't have the "admin" role.
Fix to force UTF-8 character encoding under Jetty 5.x. (issue 1166)
Further improved the maven2 build performance.
Added a permission to control tag creation (issue 1140)
Build health report is now a part of the remote API. (issue 1146)

What's new in 1.170 (01-13-2008)

Fixed an assertion error in MavenModuleSetBuild$Builder.postModule (issue 906)
The native m2 job type now handles profile activation correctly during initial POM parsing. (issue 470)
Fixed a possible race condition that causes a sudden death of agents. (report)
Don't show "create new jobs" link to users who don't have permission to create jobs. (issue 1171)
Improved the maven2 build performance. (report)

What's new in 1.169 (01-12-2008)

Fixed a bug in redirection after successful login. (issue 1138)
Send a proper cache control header to prevent Opera from caching captcha images (issue 1167)
Hudson dies with NPE if the user tries to access the page after signing up. (issue 1168)
Fixed a problem where the abort/start build links were not correctly displayed even for users with sufficient permissions. (issue 1162)
Fixed a problem where the new view links were not correctly displayed even for users with sufficient permissions. (issue 1157)

What's new in 1.168 (01-11-2008)

Ensure sidebar links use correct hostname rather than localhost. (issue 1111)
Offline nodes were not marked as offline on the executor list. (thread)
Fixed a possible race condition in the matrix build around detecting cancellation of child builds. (thread)
Made the M2 project type main page layout more consistent with the other project layouts. (thread)
In addition to "login" link, "sign up" link is now displayed whenever applicable. (thread)

What's new in 1.167 (01-10-2008)

Fixed a bug where project actions the modules of for m2 projects were not visible until a hudson restart. (issue 1149)
Command links on the top page and view pages weren't displayed correctly even for users with sufficient permissions. (issue 1137)
Fixed sidebar links on people page. (issue 1142)
Improved the performance of subversion updates on agents (report)
The remote API now supports the optional depth parameter, which can be used to control the amount of data you receive in a single call. (report)

What's new in 1.166 (01-05-2008)

Fixed a bug where successful authentication still results in 403 after login under some configurations. (report)
Build links were not visible even if the current user has a sufficient permission. (report)
Fixed a bug in case insensitive environment variable name handling. (issue 1115)
Fixed typo in people configuration. (issue 1130)
Added LDAP authentication support

What's new in 1.165 (01-02-2008)

Specifying XPath in the remote API that matches multiple nodes is now reported as an error. (issue 1141)
Fixed a bug where secured Hudson fails to authorize admins to access pages. (issue 1118)

What's new in 1.164 (12-29-2007)

Hudson has been failing to serve workspace files that ends with "jelly" extension.
Fixed a problem in the core that causes some plugins to fail with hudson.tasks.MailMessageIdAction@12524b0 returned null from the getUrlName() (report)
Fixed a problem where JNLP agents occasionally fail to reconnect to the server. (report)
Fixed problem with "New Job" and "People" links in side bar. (issue 1111)
A mechanism to do i18n is now in place, and a partial Japanese localization is in place. Contributions welcome.
Implemented fine-grained security (issue 326)

What's new in 1.163 (12-22-2007)

Fixed a possible loading problem for user information
Test duration was not computed correctly for a class. (issue 1063)
Added the remote API support for the people page. (issue 1103)

What's new in 1.162 (12-22-2007)

Fixed a problem where Hudson fails to find wagon implementations. (issue 1102)
Fixed a problem where requesting schema for XML in the remote API on Java5 causes ClassFormatError (issue 1107)
Improved the notification e-mail subject line when a build is unstable (issue 1105)
Hudson now makes sure that configured sh actually exists. (report)
Exposed user e-mail address to the XML/JSON API. (issue 1108)

What's new in 1.161 (12-16-2007)

Fixed the wrong time zone use in some HTTP headers. (report)
Fixed a bug where path to Ant is computed incorrectly if the controller and the agent are on different OS.
Fixed a bug in the resource lock controller (issue 1080)
Fixed a bug in parsing JUnit test report that takes longer than 1000 secs to run. (issue 1085)
Improved the robustness when temporary directory doesn't exist. (report)
Added /exit URL to shutdown VM that runs Hudson. (report)
Implemented ASCII-only remote communication mode for binary-unsafe transport. (report)

What's new in 1.160 (11-30-2007)

Fixed a bug in the HTML rendering of repository browsers. (issue 1052)
Fixed JavaScript error that prevented hiding of optional blocks in IE. (issue 1049)
JOB_NAME variable on Matrix projects now includes the job name, not just the configuration name. (issue 1047)
Fixed a JavaScript issue with Opera 9 in the configuration page. (issue 1056)
"Latest Artifacts" are renamed to "Last Successful Artifacts" to better represent what it is. (issue 1035)
Added a form in the log page (http://SERVER/hudson/log) to configure the logger setting. (report
Improved the error diagnosis when Ant invocation fails. (report)
Added a feature to test SMTP setting by sending out a trial e-mail.

What's new in 1.159 (11-22-2007)

Fixed a bug in the remoting layer that prevented plugins from contributing to the native m2 build process. (report, report)
Fixed wrapping of log messages on changes pages. (issue 1031)
Removed maven wagon provider jars that were somehow sucked into the dependencies. (issue 1023)
Free-style Maven builders was only setting MAVEN_HOME but not M2_HOME. (issue 1026)
JUnit report recorder now reports time it took to run tests. (issue 656)

What's new in 1.158 (11-21-2007)

Fixed a bug where the submission of the matrix project configuration clobeers the on-going build. (issue 981)

What's new in 1.157 (11-20-2007)

Fixed a bug in handling whitespace in ant properties on Windows. (issue 1007)
Fixed bug in changes view that showed only one change per build for Subversion repositories. (issue 856)
Fixed problem with WebSVN diff links. (report)
Using the consistent button style in more places
Added support for sventon as a repsotory browser for Subversion.

What's new in 1.156 (11-13-2007)

Fixed a bug where the submission of Hudson configuration loses MAVEN_HOME entries (report)
Added "Expires" header to prevent unwanted page-caching in Opera. (issue 869)

What's new in 1.155 (11-13-2007)

Fixed a regression in Ant that causes an empty "-file" line. (report)
Fixed NPE in external job result submission. (issue 1006)
Fix to avoid loading entire build log into memory. (issue 638)
Report the empty MAVEN_HOME value more gracefully. (report)
Added additional logging for the workspace clean-up thread.

What's new in 1.154 (11-12-2007)

Fixed IllegalArgumentException in trying to load data from old Hudson (issue 988)
Fixed an exception when getting zip file of an empty dir in workspace. (issue 788)
Environment variables need to be case insensitive but case preserving. (issue 968)
Notification e-mails now form a thread.
Hudson now produces cctray compatible XML report in https://server/hudson/cc.xml or https://server/hudson/view/ABC/cc.xml (issue 1003)
Added additional logging for project dependency related build ordering.

What's new in 1.153 (11-06-2007)

Fixed a regression introduced in 1.152 wrt spawning native m2 process remotely.
Fixed a race condition between the inter-project dependency, so that the downstream builds always correctly see the latest upstream build. (issue 980)
Reduced the # of threads Hudson uses internally for efficiency (issue 978)
If no artifact is discovered when artifact archiving is configured, mark the build as an error.
Removed clock checking from the system configuration, as the same information is available from the node list view (http://SERVER/hudson/computer/)

What's new in 1.152 (11-05-2007)

~~Environment variables need to be case insensitive but case preserving.~~ (issue 968)
Reject job names that contain ':' and ';' as an error (issue 970)
JNLP agent now has the headless support. (issue 973)
Fixed a bug where the build status image after aborted build is incorrect.
Don't report the build duration as 0 seconds when it's building.

What's new in 1.151 (11-03-2007)

svn+ssh connection was not properly working. (report, issue 678, issue 811)
Fixed an incorrect reporting that the downstream build trigger makes.
Error detection for servlet 2.4 support was not working. (report)
SVN authentication error can now reveal full stack trace to assist trouble-shooting.
Added debug probe for ssh library

What's new in 1.150 (10-30-2007)

Tooltip for grey ball icon now correctly display different meanings of grey. (issue 956)
Fixed a bug that RSS feeds may expose internal URL behind a proxy/frontend. (issue 954)
Attribute fingerprints to their builds correctly even when a build completes very quickly
"Build Now" link uses AJAX and thus no longer requires full page refresh.
Upgraded to YUI 2.3.1. Buttons are now YUI-themed.
Implemented config GUI for handling a heterogeneous list by adding items from a menu (this is for plugin developers.)
Builder, Publisher, and BuildWrapper are generalized to work with non free-style projects. (this is for plugin developers.)
JobProperty now gets a chance to participate in a build. (this is for plugin developers.)
Matrix build now exposes $JDK and $LABEL, just like other use-defined axes.

What's new in 1.149 (10-23-2007)

Fixed a regression in 1.148 that made it impossible even for an admin to start a build if security is enabled. (issue 944)
Scripting console had apparently stopped working since 1.145. This is fixed. (issue 925)
In the "new job" page, the state control of the "OK" button was not quite right (issue 849)
If there's only one JDK configured in the system, don't offer pointless JDK selection combobox. (issue 659)

What's new in 1.148 (10-22-2007)

Fixed a security problem where project build URLs were not protected by default when security is enabled. (issue 926)
Fixed a bug where the HTML rendering of external jobs was completely broken.
AJAX build history update was broken for the native m2 job type.
Fixed broken links from "no workspace" error page. (issue 922)
When a remote build is cancelled, the launched process needs to be cancelled, too. (issue 904)
Fixed a MalformedURLException with resin. (issue 879)
Deletion of files is now a bit more robust, especially if Hudson runs on JDK6.
Picked up the latest version of JEXL.

What's new in 1.147 (10-19-2007)

Fixed a bug in computing the location of classworlds.jar for native m2 build. (report)
Fix a memory leak in the Subversion SCM (issue 886)
[XVNC] Starting display number for XVNC displays, normally 10, is now configurable. (issue 918)
Added a status indicator for each build in the build trend page.
Hudson now masks password sent to child processes. (issue 911)
SCM and AbstractProject now implement a getModuleRoots method (this is for plugin developers only). (issue 912)
hudson.war contains a commented out section that can be used to avoid interference between security and cache control header. (report)

What's new in 1.146 (10-09-2007)

Disk space monitoring on agents was not working
Fixed a bug where Hudson fails to recognize a JUnit test failure when a test failed to load. (issue 899)
JUnit test case name has been rendered without HTML escaping.
Builder, Publisher and BuildWrapper can now implement ResourceActivity if they want to contribute to the resource usage for the project (e.g. required to implement issue 878, this is for plugin developers only.)
Introduced the internal 'widget' abstraction so that plugins can expand them. (issue 785)
Generalized the internal job rename event notification. (issue 891)
JUnit report archiver handles report files of length 0 more gracefully. (issue 903)
Added an error margin on JUnit report archiver so that it doesn't report false positive "no new reports found" error.

What's new in 1.145 (10-04-2007)

Fixed a bug where Ant support didn't run on Tiger. (issue 884)
Fixed NPE in doSvnRemoteLocationCheck for svn+ssh (SVNGanymedConnector.close) (issue 784)
Make CVS logging work even for very many files in a single build on Unix systems (issue 864)
Fixed a bug that where the ajax build history update is broken for matrix configuration job.
Added icons to the form-field validation error messages, and introduced a separate visual style for warnings.
<f:optionalBlock> can be now nested inside <f:repeatable> (this is for plugin developers only.)
When a portion of the form unfolds, the page will scroll automatically to display the newly visible area.
Added RunListener for getting notifications for all builds.

What's new in 1.144 (09-27-2007)

Fixed a bug in the "loading..." page auto refresh (issue 829)
Expanded search index to cover all the users.
Added remote API support for fingerprints. (report)
Improved user interface of Ant support (report)
Text area is now much smarter. Its height is adjustable, and its size is pre-configured to fit to the content (as well as double-clicking the handle.)

What's new in 1.143 (09-24-2007)

Axis names are now exported as environment variables in all upper case for better cross-platform behavior) (issue 842)
CLASSPATH environment variable is no longer inherited to processes spawned from Hudson. (report)
Macro expansion rule now supports ${ABC} syntax as well as $ABC.
Maven invocation in free-style projects now does macro expansion. (report)
Added a workaround for slow subversion check out (report)

What's new in 1.142 (09-22-2007)

Fixed a start up NPE problem in native maven2 projects, introduced in 1.141.
Added error diagnostics screen for executor thread death. (report)
Added HTML titles to various test result related pages. (issue 843)

What's new in 1.141 (09-21-2007)

For SCM polling, resize the thread pool when Max # of concurrent polling is changed
JUnit result reporting showed incorrect links when JUnit test names contain ':'
Fixed an NPE during initialization, which only happens with matrix build and master-only environment.
Fixed a JavaScript error on tooltip handling. (issue 830)
Fixed a bug so that actions show up properly in matrix project.
De-selecting "axes" in matrix project configuration should delete all axes. (issue 839)
Do not perform SCM polling when Hudson is shutting down (report)
Fixed negative phrasing "don't send email on every unstable build" (issue 827)

What's new in 1.140 (09-19-2007)

Fix a socket leak in SubversionSCM introduced in 1.137
Compute version number before loading Hudson, so that the HudsonIsLoading page displays a version number
Matrix build can wait infinitely if its configuration builds are cancelled from the queue.
Fixed a security hole that allows unauthenticated users to access logs that Hudson produces.

What's new in 1.139 (09-16-2007)

A failure in svnkit can cause an unexpected timer cancellation. (issue 813)
Hudson wasn't performing all the variable expansions in <finalName> when archiving artifacts. (issue 812)
java -jar hudson-core.jar had unnecessary dependency to Ant. (issue 802)
Added WebSVN support. (issue 617)
Agent log now shows timestamps. (issue 791)
Hudson now displays a dedicated UI during the initialization and reloading. (issue 756)

What's new in 1.138 (09-14-2007)

Disabled m2 module list actually showed the enabled modules.
E-mail notifications were not working with aggregator-style Maven2 builds. (issue 807)
Native m2 Aggregated build was also "building" disabled modules. (issue 805)
Detailed build error message was not captured in the offending maven2 module build console output.
CVS after-the-fact tagging screen now shows all the transitive dependencies. (issue 233)
Search index now includes maven module display names.

What's new in 1.137 (09-12-2007)

Additional JavaScript memory leak fix.
Agent thread dump was not working in JDK5. (issue 792)
Using local file path as HUDSON_HOME for monitoring external job is now obsoleted. (issue 799)
Scripting console needs to escape its output. (issue 798)
Gracefully handle project deleted in SVN (issue 763)
List of possible culprits for repeated failed builds should be cumulative (issue 747)
Remote API support was expanded to build records of all job types. (issue 804)

What's new in 1.136 (09-04-2007)

Fixed JavaScript memory leak issues. (issue 670)
Table sorting feature stopped working in 1.135 (report)
Hudson was still following symlinks when deleting recursively. (issue 585)
JavaScript performance improvement
Hudson now detects a file descriptor leak situation and report that as a warning, then let the build go. (issue 770)

What's new in 1.135 (09-02-2007)

Icon size choice should be persisted across browser sessions. (issue 762)
Some binary data in console output has been causing 500 when you try to access it. (issue 778)
Fixed a bug in the native m2 surefire result recording when surefire is used more than once. (issue 751)
Modified JUnit report archiving behavior to better align with Ant's <junitreport> task. (report)
Updated to svnkit 1.1.4
Updated to prototype.js 1.5.1.1
Improved the absolute URL computation in Hudson to work better with httpd frontend. (issue 781)

What's new in 1.134 (09-01-2007)

Aggregator-style build setting in the native m2 project was put under the wrong "advanced" button. (report)
Don't let test failures in the aggregator-style native m2 build to abort a build. (report)
Fixed NPE in job configuration. (issue 773)
Fixed an error handling in e-mail notification when e-mail address is empty. (issue 772)
Fixed a bug in inter-module dependency handling with aggregator-style native m2 build. (issue 774)
Native m2 module build records were not properly discarded even when configured.
Test failures in aggregator-style native m2 module build was reported as red, not yellow. (issue 776)
Maven project page now shows aggregated test result trend (regression.) (issue 775)

What's new in 1.133 (08-28-2007)

Fixed a bug in the free-style maven/ant invocations when the controller and agent run in different OSes. (report)
Subversion change log has been reported in the wrong order. (report)
Maven modules are now displayed with indentation according to their POM hierarchy. (Note that you'd have to build the project once for this to take effect.) (issue 423)
Supported more traditional maven build mode where a single maven process recursively builds all the modules. (issue 557)

What's new in 1.132 (08-22-2007)

Fixed the login link visibility issue. (issue 758)
Trying to search for non-existent item now shows a list of candidates, as opposed to 500 error. (issue 761)
Search box auto-completion now shows prefix matches before other matches.
Added a work around necessary to run with OC4J. (report)

What's new in 1.131 (08-21-2007)

Running "javadoc:javadoc" in the native m2 project was not recording javadoc. (report)
Changelogs were not displayed properly for maven2 modules. (issue 661)
Hudson now recognizes the JUnit output XML that starts with <testsuites> (report)
Changed svn polling code so that it doesn't rely on the left-over workspace (report)
Subject of e-mail notifications that Hudson sends out is little more human readable.
Added search box for a quicker navigation around Hudson pages (detail)

What's new in 1.130 (08-18-2007)

Fixed a bug that matrix project initialization causes NPE. (issue 740)
Improved the stability of the native m2 builds when builds produce plugins, and when different builds use different versions of plugins. (issue 740)
Agents launched through JNLP couldn't launch the native maven2 builds. (issue 539)
Archived Maven2 artifacts should honor the <finalName> POM entry. (report)

What's new in 1.129 (08-15-2007)

Fixed a memory leak bug in distributed operations. (report)
Fixed a bad interaction between subversion repository browser vs controller/agent operation. (issue 702)
In workspace browsing pages, HTML title was incorrect.
JNLP agent is modified to run on any JRE newer than 1.5, not just 1.5. (issue 735)
Native Maven2 projects now expose the same set of variables as system properties that free-style projects get as environment variables. (issue 700, issue 720)
Ant-style glob like "**/build.xml" can be entered in the text box of the workspace/artifact view and Hudson shows matching files. issue 448)
Improved error diagnostics in the subversion URL setting.
JobPropertys for maven2 projects weren't given a chance to contribute actions. (report)
When someone is listed in the recipient list of e-mail notification and when that person is responsible for breaking the build, s/he now only gets one e-mail, not two. (report)

What's new in 1.128 (08-10-2007)

System log and agent log were not secured. (issue 716)
Fixed a bug where the console output could get truncated incorrectly. (report)
Fixed subversion performance issue with symlinks (report)
Insufficient security permission is now reported more gracefully. (issue 719)
Even if the lastSuccessful symlink is turned into a directory, Hudson will delete it correctly. (issue 704)
When a new plugin is uploaded, a message will indicate that the restart is needed for plugins to take effect (issue 705)

What's new in 1.127 (08-07-2007)

Fixed a bug that prevented weather report detail table to show up. (report)
Fixed the problem where upgrade of Hudson often used to require clearing the browser cache.
Hudson now detects Windows/Unix of agents more reliably. (report)
Hudson didn't check the client CVS version to see if the '-S' option can be used for computing changelog. (report)
Rendering performance is improved by better static resource cache control.
Improved page rendering performance by using gzip compression in several places
Workspace view now has a "view" link to view files inline. (issue 645)
Updated the error diagnosis in the JUnit test result collection

What's new in 1.126 (08-03-2007)

Fixed a bug where "cvs co" put "-P" in a wrong position. (issue 696)

What's new in 1.125 (08-03-2007)

Fixed the character set handling in AJAX job/view description update (issue 654)
Missing JavaScript files was making it impossible to configure agents in the matrix project (issue 706)
Improved the form validation and error diagnosis when JDK paths are not configured at all (issue 659)
CVS check out now uses the -P option to avoid checking out empty directories (issue 696)
Added a hook for plugins to specify additional CSS (issue 695)

What's new in 1.124 (08-01-2007)

Build history listing always get doubled because of a bug in partial page update code. (issue 698)
Fixed a NPE when a HealthReportingAction is not providing a health report. (see report)
Fixed a rendering issue with health report details on browsers that normalize malformed HTML pages. (report)
Improved stability of the timer related code so that one failure won't shut down the entire timer.

What's new in 1.123 (07-30-2007)

Fixed a bug where remote API schema generation doesn't work with JDK1.5. (report)
Fixed a bug where tooltips of the build history stops working when the page is partially updated by AJAX. (issue 683)
Fixed the dead lock issue in SCM polling (issue 690)
Added upstream/downstream projects to the remote API. (report)
/job/JOBNAME/config.xml now sends back project configuration XML verbatim. (report)
Extended the remote API to support job submission. (report)
Added extensible agent monitoring mechanism. Initially this comes with clock difference monitoring and free disk space monitoring. Linked from "Manage Hudson" page.
Health/weather reports did not display the description under Safari. The fix allows for displaying a table of all health reports (as before accessible by hovering over the health/weather icon).

What's new in 1.122 (07-27-2007)

For some reason, a lot of Subversion related changes that were made in the past has been lost since 1.114. I resurrected all such changes. Subversion users are recommended to pick up Hudson 1.122. (issue 679)
"Just show failure" feature in the test report trend was not working.
Subversion after-the-fact tagging log incorrectly displays Object.toString() output. (issue 676)
Fixed a bug where JUnit report archived reports up-to-date check errors as negative values. (report)
A prominent link to the latest test result is now available on the project top page. (This feature used be available but somewhere along the line I must have broken it.)
Multiline-expandable text box now comes with tooltip to explain what it is. (issue 664)
Trying to launch JNLP when JNLP agent TCP port is disabled now produces a warning. (report)
CVS now supports whitespace in module names by using "\ " as the escape syntax. (issue 663)
Introduced a new project type called 'matrix project'. Particularly suitable for building/testing on multiple platforms, or testing with non-trivial number of different configuration. (more)

What's new in 1.121 (07-23-2007)

Fixed HTML escape related bugs in the project description. (issue 654)
Maven module configuration shouldn't offer name field as a textbox. (issue 632)
Fixed file handle leak in serving static resources. (report)
"Tag this build" feature in Subversion was somehow disabled. Resurrected this feature. (issue 662)
CVS tag form now gets form validation to warn invalid tag names upfront ('.' in tag, anyone?)
Changed the way Maven project build result is computed. (issue 651)

What's new in 1.120 (07-19-2007)

Fixed a security hole that allows non-admin users to disable/enable plugins.
After a successful login, don't go back to the original page if the original page was the "login error" page. (issue 641)
Maven in the native 2m project is now invoked with the batch mode option (-B)
CVS_BRANCH environment variable is now available to the build if the SCM is CVS and a branch is set. (report)

What's new in 1.119 (07-15-2007)

Fixed NPE in the end of a build.

What's new in 1.118 (07-14-2007)

Memory fix bug in 1.117 was incorrect and Hudson fails to persist SVN credentials.
Re-implemented the SCM polling & build locking mechanism. (report)
Views can be now renamed from the 'edit view' page (issue 640)
Improved the algorithm that detects e-mail address from user name. (issue 636)
Improved agent Unix/Windows detection (issue 631)

What's new in 1.117 (07-13-2007)

Fixed a bug where build queue gets very confused if modules exist in 2 native m2 projects (issue 521)
Fixed a bug where Hudson doesn't pick up a change to the root module in the native m2 project. (issue 588)
Fixed I/O error in locally launched channel with Maven. (issue 595)
Integrated Winstone 0.9.9 to pick up bug fixes. (issue 553, issue 596)
Fixed a subversion&agent related memory leak. (report)
Added a command to delete all disabled modules from a m2 project in one click.
[JIRA 1.3] JIRA plugin now works with the native m2 project type. (report)

What's new in 1.116 (07-11-2007)

Several subversion related error messages were incorrectly escaped. (report)
Fixed 404 in the "enter credential" link from Subversion help page.
Fixed a data file compatibility problem. (issue 628)
Fixed a bug where the downstream project list always gets sorted alphabetically. (issue 608)
Native m2 module builds no longer trigger downstream modules if tests fail. (issue 605)
Improved form field validation for javadoc archive configuration. (issue 606)
Improved error diagnostics in JUnit report archiving (issue 579)
Auto-refresh cookie is now persisted. (issue 580)

What's new in 1.115 (07-02-2007)

Modified to disable HTTP basic auth support (introduced in v1.112) when security is disabled. (report)
Fixed a possible NPE in fingerprint handling (report)
Fixed a problem where workspace/archived files with unusual extensions are served with "text/html" MIME type. (issue 627)
Added Subversion revision number to the remote API. (issue 626)
Supported XPath query in the remote API. (issue 626)
Project health report icons on the project level view. The 'sickest' health report controls the icon's tooltip text. Initial health report providers are Test Result and Recent Build Status. (issue 615)

What's new in 1.114 (06-26-2007)

Fixed 404 in Subversion config help link.
Fixed NPE in the fingerprint record cleaning. (issue 618)
Maven modules now follow the project level log rotation setting. (issue 612)
[SVNCOMPAT13] Added the svncompat13 plugin to create working copies compatible with Subversion 1.3
Extract email from user id when available
Hudson now distinguishes aborted builds from failed builds. (issue 292) (issue 614)
Internal code is refactored to make room for another job type.

What's new in 1.113 (06-19-2007)

Fixed incorrect formatting in Subversion URL form validation. (issue 604)
Fixed NPE in form validation. (issue 607)
Fixed a bug in svn+ssh password authentication.

What's new in 1.112 (06-18-2007)

Fixed a problem where the user properties were not loaded correctly. (issue 600)
Fixed a bug where Winstone&IE combination causes 404 when submitting system configuration. (issue 596)
Fixed "SVNException: Path ends in '.'" problem. (issue 597)
Fixed NPE in MavenModuleSetBuild.getResult (issue 594)
When deleting directories, Hudson no longer recurse into symlinks. (issue 585)
Remote API now exposes XML Schema for its XML data.
For Subversion-based projects, SVN revision is now made available to builds through the environment variable SVN_REVISION. (issue 599)
Added HTTP basic authentication support for scripting clients

What's new in 1.111 (06-15-2007)

Fixed a few file handle leaks in Subversion support. (report)
Rolling back #590 change in 1.110 (issue 601)
Fixed several cross-site scripting vulnerabilities. Thanks to Fortify.

What's new in 1.110 (06-13-2007)

Fixed a DOM leak that caused browsers to eventually hang where partial page updates are involved. (issue 581)
Fixed NPE when the root POM field is left empty in the native m2 support. (issue 586)
Fixed NPE that involves copying a M2 job. (issue 588)
Fixed a bug in ViewCVS links where files in the Attic didn't resolve correctly (issue 590)
Improved compatibility with older version of ViewCVS (issue 589)

What's new in 1.109 (06-08-2007)

Fixed a NPE in MavenModule (issue 574)
User config information is now properly reloaded when Hudson is reloaded from UI. (issue 564)
When a module is re-added in the native m2 project, it needs to be enabled. (issue 569)
When the back button is pressed, expandable radio blocks were not restored correctly (issue 570)
Special characters are now properly escaped in JSON strings. (issue 576)
Added more hyperlinks to the fingerprint list page. (issue 568)
Build status icons now have the alt attribute for better accessibility. (issue 573)
After-the-fact tagging now supported for Subversion projects. (issue 566)
Made it easy to find the "enter subversion credential" page by adding a link from the help page. (issue 571)

What's new in 1.108 (06-01-2007)

No change

What's new in 1.107 (06-01-2007)

Fixed an NPE when pom.xml has ciManagement doesn't have nested system element. (issue 540)
Added some defensive checks to avoid reported NPEs in MailSender.
Fixed an NPE when a module configuration is saved. (report)
Clock check on the system configuration now runs asynchronously to improve the user experience with large number of agents.
Improved error handling when failed to create HUDSON_HOME. (issue 558)
Agents can now have labels, and jobs can be tied to labels.

What's new in 1.106 (05-14-2007)

Trying to update a module in a native m2 project fails with NPE. (issue 534)
Fixed a bug that prevented the JIRA plugin from working. (issue 529)
When Hudson is aborting because of a failure to create HUDSON_HOME, don't print out extra error messages. (issue 536)
JDK installation directory on Mac OS X was not properly recognized. (issue 533)
password-based SSH authentication was not working (issue 531)
XML-unsafe chars were not escaped in the remote API. (report)
[JIRA 1.2] Hudson URL in JIRA comments was incorrectly interpreted by JIRA (issue 544)
Fixed a bug where special characters like < and & are escaped multiple times in Subversion changelog (issue 530)
[JIRA 1.3] Hudson no longer gets confused with tokens that look like JIRA issues that are actually not (issue 548)
Hudson now checks for invalid new names in job rename operation. (issue 519)
Updated XStream to 1.2.1 to support BEA JRockIt. (issue 546)
"Build other projects" now has a help text and option to trigger even when a build is unstable. (report)
Improve the error message when the native m2 support is attempted to run with Java 1.4 (issue 537)
Added WORKSPACE to the environment variables provided to builds (report)
If javadoc archiver is used for archiving files other than javadoc, change this subject accordingly. (issue 543)
Jar/war/ear built by Maven now includes the Hudson version number (issue 526)

What's new in 1.105 (04-29-2007)

Fixed a bug where the native m2 support doesn't honor the JDK setting. (issue 501)
Switched from Winstone 0.9.6 to 0.9.8 to incorporate fixes (issue 374, issue 413)
Fixed a bug where under certain conditions the war/jar execution fails with duplicate manifest entries that Hudson adds. (issue 503)
SVNKit doesn't like '.' in the file path during "svn info", so Hudson works around that problem. (issue 474)
Fixed a problem where SVN polling doesn't work on agents (report)
Fixed NPE in maven2 support in site generation (issue 520)
Added help section for the JUnit report archiver.
Test result trend now includes records for failed builds. (issue 498)
Project change list view is now completely customizable by SCM plugins. (issue 511)
Removing some plugins (such as trac plugin) no longer stops Hudson from loading those configuration. (issue 514)
In the native m2 support, archived artifacts now honor the proper file extension given by ArtifactHandler
Hudson uses the -S option with CVS changelog computation when working on a large number of files. (issue 479)
[JIRA 1.2] JIRA plugin now works with the native m2 support. (issue 465)

What's new in 1.104 (04-22-2007)

Fixed NPE with the clean goal is run with the native m2 support. (issue 486)
Fixed a bug that caused ANT_OPTS configuration to be reset every time a job configuration is submitted. (issue 482)
Fixed a bug where CVS changelog file details were not exposed to the remote API.
~~Fixed a bug where the native m2 support doesn't honor the JDK setting. (issue 501)~~
Fixed a problem where unexpected termination of the maven process affects successive builds in the native m2 support. (issue 459)
Fixed a bug in the native m2 support where Hudson fails to determine the dependency correctly when child Maven modules specify different modules as the parent. (issue 485)
Fixed a bug where CVS modules area did not work when multiline textarea (issue 496)
Fixed a bug where Unix controller fails to set proper PATH on Windows agents, and vice versa, when JDK is configured. (issue 452)
Modified not to display pointless configuration (like SCM, JDK version) for the maven modules in the native m2 support.
When you log in, you are now taken back to where you were, instead of the top page. (issue 483)
Current build number is made available to the native m2 build (issue 488)
Hudson can be now configured not to use CVS compression ('-z') (issue 497)
Native m2 modules are now labaled as 'Module's, not 'Project's. (issue 502)
Added favicon (report)
Internal refactoring to make room for more generality in the queue.
Hudson now puts the build number and other information to jar, ear, and war build by its native m2 projects automatically. (issue 488)
[JABBER 0.2] Jabber plugin 0.2 release

What's new in 1.103 (04-17-2007)

Fixed a security hole where Hudson allowed anyone to tag the workspace. Relevant UI issues are also fixed. (issue 478)
Modified to work around a classloading issue in Glassfish and SJSAS (issue 458)
Fixed a possible race condition (ConcurrentModificationException) in ProcessCache. (issue 481)
Fixed several problems in RSS/ATOM feeds that Hudson produces (issue 476)
[TRAC 1.4] Wrong link to changelog was generated. (issue 477)
Fixed a bug where Subversion SSH authentication doesn't work on agents (issue 474)
Supported multiple CVS tags on the same build. (issue 469)
RSS/ATOM feeds now have more information (issue 461)

What's new in 1.102 (04-16-2007)

Improved the fix for #389 to only do this on Windows.
Fixed a bug where more than a month old m2 workspace will be deleted even if it's the active workspace. (report)
Fixed a bug where JDK configuration doesn't recognize JDK layout in Mac and reports false validation errors. (report)
Improved the error message handling when a M2 module references a non-existent POM. (issue 471)
The native m2 support can now work with 2.0.6. (issue 444)
Added a screen for trouble shooting to get the whole stack dump.
Ant invocation now supports the ANT_OPTS configuration. (issue 473)
View object is exposed to the remote API. (issue 475)
User object is exposed to the remote API. (issue 468)
JNLP agent TCP listener port is now configurable when the security is enabled. (discussion)

What's new in 1.101 (04-12-2007)

Fixed a bug where a long path name in javadoc or archived artifact causes the build to fail (issue 462)
Fixed a bug in formatting svn:external revisions. (issue 457)
Fixed a bug where the bare console text page was not sending text/plain content type. (issue 464)
Fixed a bug in the native m2 support where Hudson fails to find the proper triggering order of modules. (issue 450)
Script console sets the focus to the text area upon loading.
Project pages now expose changelogs as an RSS feed. (issue 460)
Remote API for builds now expose a lot more data. (issue 454)
Remote API is reimplemented so that Hudson can generate schema and documentation for the structure of JSON later.

What's new in 1.100 (04-11-2007)

Fixed a bug in running Subversion SCM on an agent. (issue 447)
Fixed a bug in the native m2 support where the association between project build and module build was incorrect.
Fixed a bug in the test result aggregation of the native m2 support.
Hudson no longer puts disabled, archive-only maven modules into the dependency tree.
fixed a bug where upstream/downstream links from a maven module in one project to a maven module in another project is broken.
In the native m2 support, the project page now shows the test result trend.
[POLARION 1.0] Polarion for Subversion plugin released. Kudos to Jonny Wray.

What's new in 1.99 (04-10-2007)

JNLP agent stopped working as of 1.97 is now fixed. (issue 442)
Hudson now correctly assigns build numbers to the native m2 builds and their module builds.
Fixed a bug in Subversion log computation when file move is involved (report)
Fixed a HTML rendering problem in the "executed mojo" page. (issue 441)
CVS module list text box is now expandable. (issue 439)
Enhanced the remote access API
In the native m2 support, test results of modules are now aggregated and displayed in the project build page.

What's new in 1.98 (04-07-2007)

Fixed a critical bug that crippled many parts of the Hudson UI. (issue 438)
Fixed a bug in the file mask form validation when dealing with ','-separated values. (issue 435)
Fixed a problem where test reports and such aren't displayed in the m2 projects when a build fails. (issue 339)
Upgraded to SVNKit 1.1.2.
Added form validation to the system admin e-mail address. (issue 428)
Native m2 builds now record Maven plugins that were used during the build. (issue 297)

What's new in 1.97 (04-07-2007)

Hudson now requires Java 1.5
Native m2 support can now work with Maven 2.0.6.
Improved file transfer performance between agents and controller especially when latency is big.
Build history is now asynchronously updated to reflect status changes in the server.
Fixed several problems that caused Hudson to remain in memory when the hudson webapp is re-deployed (lesson: beware of commons-logging)
Supported svn+ssh authentication
Performance improvement in the native m2 build. This should be especially effective in the controller/agent environment.
Fixed a bug where the javadoc link in the job top page becomes broken when the javadoc archiving is configured but no javadoc has built yet. (issue 433)
~~Improved the fix for #389 to only do this on Windows.~~ The fix was broken and fixed properly in 1.102.
Fixed a security problem. The configuration page was accessible to non-authorized users, even though the submission fails. (issue 413)

What's new in 1.96 (04-03-2007)

[TRAC 1.3] Added the repository browser support so that changelogs can be linked to Trac.
Added support for FishEye CVS browsing.
svn:external support is now fully integrated into Hudson. (issue 411)
When a build fails on a project with javadoc archiving, Hudson no longer complains about the lack of javadoc dir, so that users don't get confused as to what's the real error. (issue 419)
Fixed NPE from ChangeLogParser.processFile (issue 422)
Fixed a bug where not all files in CVS projects get hyperlinked by a repository browser (issue 417)

What's new in 1.95 (03-31-2007)

Performance improvement in the controller/agent communication.
Fixed JavaScript errors that occurs when there's no entries for repetable form fields (typically during the fresh install.)
Hudson now warns the lack of MAVEN2_HOME configuration upfront when job is being configured, instead of reporting a failure at the build time.
In native M2 projects, surefire test failures now correctly mark the build as unstable, not as a failure.
Fixed the problem where external job monitoring doesn't collectly persist the build duration. (issue 402)
Implemented the computer view for the master so that you can check what jobs are tied to the master. (issue 401)
Hudson now shows a tooltip for a pending build to explain why it's pending (issue 365)
Fixed a bug where ViewSVN/FishEye reports incorrect diff link for newly added files and deleted files. (issue 404)
[TEXT-FINDER 1.2] Now supports searching the console output. (issue 373)
[TEXT-FINDER 1.2] Added on-the-fly regular expression validation.

What's new in 1.94 (03-29-2007)

M2 project now shows build queue for modules.
Improved exception propagation with controller/agent mode.
E-mail notification (and other build settings) can be now configured at the M2 project level, as well as individual module level. (I thought I fixed this long time ago)
The build time trend chart no longer displays the on-going build. (issue 399)
Allowed admin to forcibly disconnect a agent. (issue 400)
Fixed a problem where too many build records make the chart look too crowded. (issue 214)
Fixed a problem where the M2 build launch would fail depending on which of 2 jars a particular class is picked up from. (report)
"log rotation" is changed to "discard old builds" (report)

What's new in 1.93 (03-28-2007)

Fixed a bug where people working on the native m2 projects don't show up in the "people" links. (issue 391)
Fixed a bug in Subversion URL validator. (issue 392)
Fixed a rare bug where a long list of changes in a CVS project may cause CreateProcess API call to fail with error code 87. (issue 389)
Hudson now normalizes SCM repository browser URLs so that it can better cope with invalid input. (issue 394)
Native m2 projects now support MAVEN_OPTS setting. (issue 396)

What's new in 1.92 (03-27-2007)

Fixed a config page rendering bug where sometimes all the repository browser configurations were displayed.
Added HTML <label> tags so that you can click anywhere in the title to click checkboxes and radio buttons.
Fixed a bug where FishEye links will have incorrectly formatted revision numbers if n > 1000.
Started adding remote access API via XML and JSON.

What's new in 1.91 (03-26-2007)

Fixed a bug where ViewCVS support doesn't point to the correct path.
Improved the UI of project changelog list.
Revised the FishEye setting so that Hudson can work with FishEye repositories that only partially mirror a SVN repository.
CVS config screen now checks for 'HEAD' in the branch field and issues a warning (issue 387)
Allowed images to be loaded from plugins. See javadoc.
Supported multiple subversion module checkouts (issue 153)
[EMMA 1.6] improved the handling of errors. Emma plugin doesn't die with a stack trace if a report file is not found, and it doesn't report that as an error if the build has already failed.
[IRCBOT 1.6] Fixed a bug in per-project notification. (report)
Fixed a remote build issue introduced in 1.90. (issue 388)
Fixed a upgrade problem to some old versions of Hudson to a new one (introduced in 1.87) (issue 362)

What's new in 1.90 (03-24-2007)

Fixed a bug where 'people' link doesn't show up if there are only m2 projects. (report)
Artifact archiving, fingerprinting, and JUnit test report setting form fields are now validated on the fly for improved usability.
Fixed a 404 when help icon for the ViewCVS URL setting is clicked.
Implemented ViewSVN support.
Fixed a bug where Hudson displayed wrong module build numbers when you are looking at the maven build record.
Maven build status icon now reflects the aggregated results of all the module builds (issue 376)
Implemented FishEye support for Subversion.

What's new in 1.89 (03-23-2007)

Added extension hooks for supporting repository browsers like ViewCVS/FishEye, etc.
Implemented preliminary ViewCVS support. (issue 16)
E-mail notification now supports SSL. (issue 382)
Hudson now sends out a correct MIME type for ATOM feed (issue 378)
Fixed a bug where CVS/SVN polling doesn't work correctly when jobs are configured on agents. (report)
Improved the config submission handling to fix various issues. (issue 383)
SCM polling schedule setting is now properly validated on the fly.
Fixed a bug where SCM configuration didn't work with Safari due to DOM issue. (issue 381)

What's new in 1.88 (03-16-2007)

Fixed a bug where the job properties like trac URL doesn't show up in the native m2 build. (issue 360)
Fixed a bug where the native m2 build doesn't run with NPE. (issue 368)
Fixed a bug related to cyclic dependencies in the native m2 build. (issue 364)
Fixed an IllegalArgumentException in the native m2 build when ~/.m2 doesn't exist. (report)

What's new in 1.87 (03-13-2007)

[TRAC 1.2] Fixed an NPE when configuring the native maven2 project.
If there's only one Maven installation in the system, don't present a combobox that only has one item in it.
Fixed a bug where the native maven2 launch fails on release builds. (issue 357)
Fixed a bug where the native m2 project doesn't send out e-mail notifications. (issue 341)
[JIRA 1.1] Fixed a bug where the color of the build in the posted comment can be incorrect.
[JIRA 1.1] Improved the compatibility with different versions of JIRA. (issue 359)

What's new in 1.86 (03-12-2007)

Disabled maven modules are now displayed in a different tab (issue 355)
Fixed a bug where disabled maven module doesn't change the ball color accordingly (issue 353)
Fixed a bug where maven modules couldn't be deleted manually (issue 354)
Fixed a bug where JNLP agent connection fails with NPE (issue 349)
Changed the URLs of maven modules to avoid issues with some containers. (issue 351)
Supported downloading artifacts and workspace files in a zip file. (issue 309)
Modified the launch sequence with java -jar hudson.war to avoid possible versioning issue.
Fixed a potential security problem where unauthorized users can still see configuration pages (although they cannot modify them.)
[TRAC 1.1] projects can now specify their trac websites individually.
[JIRA 1.0] first version of the JIRA plugin.
[EMMA 1.5] fixed a bug in parsing emma output without line coverage. (issue 350)

What's new in 1.85 (03-06-2007)

Fixed a bug where incrementally updated build queue and executor list breaks tooltip. (issue 334)
Supported dependencies among plugins (issue 328)
Modified the native maven support to launch Maven as a separate process. (issue 295, issue 312, issue 308,)
Fixed an NPE (and the disappearance of the executors box) when an agent is removed. (issue 149)
Fixed a bug where JNLP fails to launch if agent names contains space or non-ASCII characters. (issue 321)
When a build is tagged, mark the build as keep automatically. (issue 332)
When recording a command that Hudson executed, quote parameters that need to be quoted.
Fixed a bug where the "Go" button is not enabled in Safari (issue 345)
Fixed a bug where the native m2 support didn't handle <module>../foo/</module> correctly (issue 342)

What's new in 1.84 (02-27-2007)

Fixed a NPE in computing Subversion changelog with JDK 1.4 (issue 306)
Fixed a bug where hudson shell script was not working due to the lack of Main-Class entry in jar.
Fixed a bug where copying multiple files from Windows agent to Unix controller had a file name separator translation issue. (issue 331)
[EMMA 1.4] Fixed a problem in parsing floating point character problem in some locales. (issue 325)
Fixed a bug in CVSROOT format check. (issue 323)
Fixed a JDK5 dependency bug. (issue 319)
Fixed a bug in handling missing index.html when serving javadoc. (issue 316)
Fixed a bug where agents launched by JNLP agents cause LinkageError (issue 320)

What's new in 1.83 (02-21-2007)

Fixed a problem where Firefox may ends up using stale cache. (issue 272)
Fixed a possible permission issue in JNLP agent (issue 310)
Modified not to display "cancel build" icon when the security is enabled and the user is not logged in (clicking it was causing 403, so this is not a security hole fix.) (issue 311)
Modified to report Win32 error message even if the controller is on Unix, in case it's reporting errors from agents.
Fixed a bug in the "new job" UI where the OK button don't become active when copying a job. (issue 318)
Modified not to display javadoc link when no javadoc is built yet. (issue 316)

What's new in 1.82 (02-15-2007)

Fixed the initial welcome text for the native m2 support (issue 296)
Fixed a bug where disabled projects were still performing SCM polling.
Fixed a bug in the controller/agent support where SVN credential checks on agents are not working correctly.
Fixed a problem where form value checks were not working correctly with non-ASCII characters. (issue 301)
Removed a JavaSE 5 dependency that has crept in. (issue 304)
Fixed a race condition in the remoting code.
Fixed a bug in handling ANT_HOME with whitespaces (issue 307)
Fixed a bug where textbox expansion by drop-down arrow didn't work in IE7 (issue 303)

What's new in 1.81 (02-12-2007)

Fixed a bug where Hudson doesn't run on Winstone when the temporary directory contains whitespace in path name (such as on Windows.)
hudson.war file is now executable as java -jar hudson.war thanks to Winstone. (issue 137)
Agents can be now launched via JNLP, making it easier to connect Windows agents.
Fixed a ClassCastException in the native maven2 support when POMs include report plugins.
When "default maven" is chosen for the build, Hudson now sniffs the workspace and determine whether maven1 or maven2 should be used. (issue 273)
Fixed a bug where the native maven2 support doesn't display the next scheduled build number correctly for the project.

What's new in 1.80 (02-10-2007)

Fixed a bug in launching Ant on Windows agent from Unix controller (issue 280)
Triggers are now fully integrated into the native maven2 support.
Various pages didn't have proper titles. Fixed hopefully all of them.
Fixed a bug where the native maven2 support fails to build a maven-plugin project.
Fixed a bug where Hudson didn't fire event notification, causing JMX plugin to break (issue 282)
Modified the "new job" screen so that the OK button cannot be selected until you choose the job type. (issue 283)

What's new in 1.79 (02-07-2007)

A whole bunch of bug fixes in the native maven2 support.
Javadoc archiver implemented for maven2.
Surefire report archiver implemented for maven2.
Build queue and executor status are now updated asynchronously without page refresh. (issue 55)
Improved the chained build triggering for the native maven2 support.
Fixed a problem where progressive text is apparently not handled by IE as expected. (issue 274)

What's new in 1.78 (02-02-2007)

[JAVANET-UPLOADER 1.4] Supported wildcards and multiple file match. (issue 258)
Fixed a problem where svn operations fail to work properly on agents.
Fixed a problem in the subversion remote revision computation. (issue 265)
Re-implemented the new job creation page so that it has more information.
Exposed the experimental new job type that supports deeper maven2 integration.
Fixed a bug in handling M2_HOME path with whitespace (issue 270)

What's new in 1.77 (01-30-2007)

Modified to display plugin version numbers in the management screen. (issue 251)
Modified to display information about plugins that were failed to load (issue 250)
For plugins, config pages are made optional just like global config pages. (issue 255)
Added a column title to the status balls so that clickable area can be more easily discovered. (issue 259)
Supported file exclusions in the artifact archiving (issue 257)

What's new in 1.76 (01-25-2007)

Fixed a bug where custom cvs path was not taking effect in changelog computation (issue 242)
Added form syntax validation for the timer trigger.
Improved the error handling/diagnostics of the subversion connection problem.
Improved the config UI so that Ant/Maven options/goals/targets field can be expanded into a multi-line text area by clicking a button. (issue 248)
Fixed a bug where Subversion initialization wasn't done early enough. (issue 245)

What's new in 1.75 (01-24-2007)

Fixed a memory leak in the agent program.
Made cvs binary location configurable. (issue 242)
Improved the error reporting on failed "cvs --version" invocation from the system config screen. (issue 241)
Fixed a bug where auto refresh still kicks in on the console page (issue 239)
Fixed a problem where links to builds from jobs inside views are not correctly computed (issue 237)
Fixed 404 to "build trend" link (issue 235)
Removed a bug in the caching of fingerprint records, which caused unnecessary slow down in busy Hudson.
Fixed a bug where a shutdown of Hudson doesn't terminate ssh used for agents (issue 246)

What's new in 1.74 (01-17-2007)

Fixed a page rendering bug when reporting a dependency change from an unknown revision to a known revision.
Improved the CVS tagging UI so that all the dependency projects can be tagged at one go. (issue 233)
Supported incremental log update in CVS tagging UI.
Fixed a bug in the CR/LF normalization with shell scripts on Windows. Now it always normlizes to Unix style.
Console view now sticks to the bottom, unless overridden by the user. (issue 226)
Hudson now uses the integrated Java subversion client implementation.

What's new in 1.73 (01-12-2007)

[IRCBOT] Fixed a build issue that causes NoSuchFieldError. It's now built with the correct Hudson version.
Fixed a bug in links from artifacts/workspace views to fingerprint records. (issue 221)
Fixed a bug where subversion executable setting in the system configuration is not persisted. (issue 222)
If fails to calculate changelog, Hudson now reports "failed to determine" instead of "not yet determined". (issue 224)
Modified not to display a link to build time trend page if there's no build.
Items in the build queue now comes with a tool tip indicating why it's in the queue. (issue 230)
Fixed a bug in the remoting mechanism where the exception handling doesn't work correctly.

What's new in 1.72 (01-07-2007)

Added a new extension point JobProperty so that plugins can add additional properties to Job.
Breadcrumbs now include views so that users can easily go back to the view that contained the job. (issue 154)

What's new in 1.71 (01-07-2007)

Modified to create a shell script file in the system-specific temporary directory on each node, instead of the workspace. (issue 183)
Fixed a serious bug where saving the job configuration is done before reflecting the submitted configuration, instead of after. This could very likely cause a data loss issue when Hudson is restarted. If you are using 1.69/1.70, you can work around this problem by making changes, submitting it, then reopen the config page and submit that one more time.

What's new in 1.70 (01-06-2007)

Added a new listener SCMListener so that plugins can do something when change set is determined for a build. This is useful for integration with other systems.
Added an extension point ChangeLogAnnotator so that plugins can do HTML markup on changelog text. Again, this is useful for integration with other systems, like hyperlinking to issue tracker.
Fixed a packaging problem of slave.jar. It was missing dependency jars.

What's new in 1.69 (01-03-2007)

Modified not to show the complete build records in case you have a large history. (issue 212)
Progress bars now show the tool tip to indicate the ETA of builds. (issue 210)
Fixed NPE in isAutoRefresh (issue 207)
Significantly reworked the distributed build implementation. If you've been using distributed builds, please see documentation and this e-mail for more details.
Improved hyperlinks in test reports. (issue 216)
Build time trend chart is now clickable.
Test result trend chart is now clickable.
Modified the internals so that plugins can contribute graphs and other HTML fragments, like test report trend.
Fixed a bug where a change in the node affinity setting of a project doesn't cause the rescheduling of builds if builds are already in queue.
Be sure to also update your plugins if you are using any.

What's new in 1.68 (12-20-2006)

Fixed a bug where help links in a form set dynamically added don't work. (issue 168)
Fixed a bug when individual files are specified as CVS modules. (issue 202)
Improved the display style of the test result summary in the build status page. (issue 174)
System log view now has RSS feeds. (issue 204)
Fixed a bug in cvs change log computation wrt time zone (details)
Fixed a bug in cvs update wrt time zone (issue 209)

What's new in 1.67 (12-15-2006)

The build history panel now shows build descriptions, if any (issue 148)
System configuration can be now saved even if some agents are down.
Fixed a race condition which could cause changes made to large CVS projects to not be reported in the build changelog. Now all CVS checkouts and updates use timestamps. (issue 192)
Improved detection of deleted files when using CVS.
Added a link to the build time trend in the build history. (issue 197)
Fixed a bug where the build time trend report always show "master", not the actual agent (issue 198)
Fixed a bug where the labels of charts are often unnecessarily truncated. (issue 199)
Build time graph now uses different colors to reflect the build status. (issue 200)
Don't display "create view" link if the security is enabled and the user is not logged in. (issue 201)
Fixed a problem so that form pages are not auto-refreshed regardless of the current user setting. (issue 193)

What's new in 1.66 (12-11-2006)

Fixed a packaging error where hudson and slave script files were missing (issue 188)
Fixed a bug in prev/next navigation for projects with URL-unsafe characters in it (like space) (issue 186)
Fixed a broken link in the "no workspace" error page (issue 181)
Fixed a bug where '/' and '\' in the user name causes failures in persisting user information.
Started adding event mechanism for some of Hudson model objects.
Fixed a bug where Hudson incorrectly report that changes are not yet determined, when in fact it's already determined that there is no change. (issue 176)
Improved the error diagnostics when Hudson is run in a container that doesn't support servlet 2.4. (issue 189)
Fixed an NPE that happens when Hudson tries to send e-mails to individuals, when the default domain suffix is not configured.

What's new in 1.65 (12-07-2006)

Hudson's ATOM feeds are now ATOM 1.0 compliant (issue 170)
Improvements for the Builds View, where "keep build" and "delete build" buttons are not shown to guest users (issue 171)
Fixed a bug where guest users could start builds via direct URLs when Hudson security is enabled (issue 177)
Added an easy and secure way to trigger builds remotely from scripts when Hudson security is enabled (issue 178).
Added brief changelog information (author, message) to top of build failure mails.
[XVNC] Display numbers now start at 10 to avoid clashes with normal displays.
[XVNC] Fixed allocation of display numbers to recycle old numbers.
[XVNC] Fixed stopping of vncserver process. (issue 173)
If a build's log file has grown to a large size, a link [raw] is displayed on the status page which jumps directly to the raw console text. Using this link can save your browser from freezing up trying to view an enormous log file. You may also wish to download the log file from this URL and browse offline in a text viewer designed for large files.
Persist auto refresh mode for session in a cookie. (issue 130)
Fixed CVS update bug introduced in 1.64. (issue 190)

What's new in 1.64 (11-21-2006)

Fixed a data-loss issue discovered in 1.63. Users upgrading from older versions to 1.63 loses the Ant and Maven configurations.
When changelog is not yet computed, the build page should report so. (issue 172)
[BUILD-TIMEOUT] Implemented a new plugin that lets you automatically abort builds if a build has not finished after the specified amount of time. (issue 157)
[XVNC] Implemented a new plugin to run Xvnc server during the build, for jobs that need GUIs. (issue 158)
Added one more extension point in the architecture to support new plugins.
If a project using both CVS "legacy mode" (multiple top-level modules) and update mode checks out additional modules as part of its build, changes in these extra modules will be reported in the changelog for subsequent builds.

What's new in 1.63 (11-18-2006)

1.63 was taken off from the download because of the data loss issue fixed in 1.64. Please use 1.64 instead.

Fixed a usability issue with the icon resize feature, and build page on individuals now also reflect the icon size. (issue 159)
Fixed a bug where "send separate e-mails to individuals who broke the build" can cause NPE. (issue 165)
Fixed a bug where RSS may publish non-finalized build results. (issue 163)
Fixed a bug where the sort order of the status ball column was wrong (issue 160)
Removed the "people" link if there's nothing to display there. (issue 162)
Form validation was added to the "build other projects" and "Build after other projects are built". It even suggests what you might have intended.
Added form validation to agent configurations. (issue 150)
[JAVANET-UPLOADER] fixed broken links to help pages.
[JAVANET-UPLOADER] added macro substitution support for configuration.

What's new in 1.62 (11-17-2006)

Fixed a bug where empty list of recipients of build notification messages causes NPE in Mailer component.
Modified to set the date field in the outgoing e-mails. (issue 155)
The # of concurrent SCM polling activities can be now bound to a certain number, allowing the better throttling. This option is only available once you have a certain number of jobs. Also, for a deployment with a large number of jobs, a push-based notification via e-mail is recommended. (issue 151)
More internal architecture improvement. Descriptors are now persisted by XStream.
Icon size in the view pages are now selectable from S, M, and L. (issue 152)
Fixed the checkbox out-of-sync behavior when configuration page is reloaded (issue 145)

What's new in 1.61 (11-13-2006)

Fixed a bug where removing the agent from configuration causes NPE (issue 149)
When a build is marked to be kept, the build history now shows an icon indicating so. (issue 147)
Build log can be now selectively deleted. (issue 25)
Accept and handle relative HUDSON_HOME values
Added EXECUTOR_NUMBER environment variable so that scripts can coordinate allocation of machine local resources.

What's new in 1.60 (11-08-2006)

Fixed one horrible synchronization bottle-neck (issue 142)
More internal restructuring in lights of newer plugin development effort.
Added a scripting console where you can execute arbitrary Groovy script. Ideal for trouble-shooting.
Implemented a work around to the problem in Tomcat where it breaks XSLT. This has been breaking JAPEX plugin on JDK 5.0
Added a project change log page that lists all changes in all the builds of a given project.
Build page now reports changes in the dependency jars, if fingerprint recording is configured.
Fixed a bug that prevented Hudson from running on Jetty.
Changed the build system from Ant to Maven.
Fixed a data file format problem with the retroweaver's enum class.
Switching from retroweaver to retrotranslator.
Fixed a bug where mail notification fails with PatternSyntaxException

What's new in 1.59

User build pages now have RSS feeds
Jobs in queue are now preserved when Hudson restarts (issue 140)
Improved error recovery from some fatal build problems (issue 138)
Expanded user properties. Now each user can have its own e-mail address and full name configured.
User object now has extensible property mechanism so that plugins can add per-user information.
Fixed a bug in "keep build logs of dependency" feature.
A few infrastructure improvements.
Implemented e-mail notification for individuals who broke the build.
E-mail notifications can be now sent to individuals who broke the build. (issue 59)
Fixeda bug where CVS tagging failure doesn't leave detailed error messages

What's new in 1.58

Supported RSS 2.0 feeds (on top of existing ATOM format) (issue 135)
Fixed a bug where the "just show failures" link wasn't working (issue 129)
Added the first cut for the per-user page, that lists information about a particular user.
Improved visual cue on sortable table.
System properties and environment variable list are now sorted by default.
The top-level project list is now sortable.
Implemented a feature where you can tell Hudson to always keep build logs of dependency of your project.
Implemented Windows batch file support. (issue 139)

What's new in 1.57

Fixed more memory consumption related issues. Now Hudson uses even less memory.
Fixed a bug where rendering of fingerprint details get messed up under some conditions.
View and job has now inline editable description field.
Builds can now have description associated with it.
Fixed a JRE5 dependency that was crept in.

What's new in 1.56

[JAPEX] Implemented regression tracking.
Added a graph to display the trend of build time.
Supported SMTP authentication (issue 128)
Fixed a bug in CVS changelog computation logic where a change in a deep branch does not always attributed to the right branch.
Changed the mechanism to link to a plugin during the development. This is a breaking change for plugin developers, but shouldn't affect users.

What's new in 1.55

Drastically reduced Hudson's disk usage with CVS projects, by only archiving CVS control files and not the real files themselves.
Added a plugin upload form in the plugin management screen.
Made some internal modeling changes to accommodate more plugins.
Fixed a memory leak bug in Hudson, which is especially visible with the Japex plugin.
Fixed a bug in fingerprint-based build relation tracking. (issue 127)
Fixed a bug where a progressive log output may report an error when you look at the console output very early on the build stage.

What's new in 1.54

Fixed a problem where Hudson fails to report changelogs for some files. The exact cause is unknown, but it's likely related to time zone difference between client and server.
On Unix, Hudson was unable to delete read-only files. Now it tries to do a better job. (issue 118)
Hudson used to report 404 when you try to kill a build that has already been killed or stopped. This is handled more gracefully. (issue 116)
Fixed a bug where the location of the help box was sometimes incorrect. (issue 119)
Updated to work with Subversion 1.4 correctly (issue 124)
Fixed a bug in the project dependency computation between unrelated projects. (issue 123)
Fixed dead links (issue 122)

What's new in 1.53

Hyperlinking filenames in log section of build failure mail to published artifacts, or failing that, to the workspace.
Reduced synchronizations in favor of volatile and copy-on-write data structure.
REGRESSION: cannot run Hudson on fresh installation (issue 120).

What's new in 1.52

added an option to the artifact archiver to ignore all but the latest artifacts.
Further fixes for the titles of web pages. (issue 112)
Minor improvements to logging.
Fixed one dead lock issue.

What's new in 1.51

Fixed a bug where the selection of the current maven installation is incorrectly shown when loading a project config page.
Common web pages now have proper titles. (issue 112)
Fixed a bug where CVS changelog sometimes display changes from different branches. (issue 111)
Fixed a bug in the form field validation logic for CVSROOT, where it often reports a false-positive error (with cvs >= 1.11.1)

What's new in 1.50

Fixed a bug that occasionally prevents fingerprints from being displayed, when files are created outside Hudson.
Added a mechanism to perform form field validation remotely. The first one to use this is the subversion executable location field in the system configuration. The form now validates if the executable actually exists, then it also checks the version to see if it satisfies the minimum requirement. (issue 110)
the value entered for the .cvspass field is now validated on the fly.
Added a link from the system config screen to check the cvs client program version, to assist trouble shooting.
Added a primitive log viewer so that error information and such can be viewed from a browser.
All applicable system config form fields are validated (more work to be done for other forms in the future versions.)
Fixed a packaging error where the version number was not shown correctly.

What's new in 1.49

Fixed a concurrency bug in parsing timestamps from HTTP headers.
Added a simple welcome screen to display when Hudson is first installed.
[JAPEX] Fixed a rendering problem when test case names contains URL unsafe characters like '/'
Fixed a JSP->Jelly conversion error in the project relationship check page.
If fingerprint recording is configured on both upstream and downstream projects, the project index page shows a link to the relationship search page.
Fixed minor formatting problems especially wrt SP char in various places.
If fingerprint recording is configured, build index page now shows corresponding upstream and downstream builds.

What's new in 1.48

The help section of the Ant invocation configuration now has a link to the list of environment variable list, as suggested by Juozas.
Hudson decodes win32 error code and shows human readable error message.
Added system diagnostic page to show the system properties and environment variables in which the container runs. Useful for trouble-shooting.
Improved the error handling when MAVEN_HOME is misconfigured.
Fixed a bug where Ant invocation on Windows fails to capture the exit code correctly.

What's new in 1.47

Moved the system-level management functions into one page to reduce the number of items in the task bar.
Implemented a mechanism to prevent new builds from being executed, so that a busy Hudson can be safely shutdown.
Scrollbar is slowed down to avoid drawing attention too much
Modified to periodically clean up unused workspaces on agents. (issue 91)
[JAVANET-UPLOADER] Don't post to java.net if a build failed.
System config screen now displays the clock difference between controller and agent nodes (issue 84)

What's new in 1.46

Improved the error handling when no workspace is created yet.
[JAPEX] Fixed a bug where it rendered the global configuration page non-submittable.
Improved the error handling in the timer scheduler. This should be a fix for (issue 107)
Fixed 404 when trying to remove jobs from build queues in view pages.

What's new in 1.45

Refactored various code to make it easy to maintain plugin backward compatibility.
Links to workspace and artifacts on the project top page is now expanded to include icon.
Fixed a bug where the build duration is not displayed correctly if there was no failure. (issue 108)
Hudson Japex plugin 1.0 is posted.
Hudson java.net uploader plugin 1.0 is posted.

What's new in 1.44

".svn" directories are now ignored from the workspace view
Fixed a bug that static contents like javadoc or workspace served from Hudson didn't have any MIME type associated with it.
Help icons in the config page is now accessible via TAB key (issue 105)
Exposed plugin management screen. (Still need to think about auto-installation and stuff like that)

What's new in 1.43

Implemented the plugin support.
Documented the plugin support (see the bottom of the top page.)
Fixed the CVS changelog date parsing issue with some locales (issue 98)
Fixed a bug in handling multiple modules in CVS.
Fixed a bug where configuring downstream projects cause the upstream project to list the same downstream projects multiple times.

What's new in 1.42

Fixed a bug in Subversion change polling logic. (issue 96)
Issue 101 that was supposed to be fixed in 1.41 was not fixed.
Changed the location of the default HUDSON_HOME to avoid web containers from accidentally wiping out the workspace when hudson.war is updated.
Started working on plugin support.

What's new in 1.41

Implemented the detection of unsupported JVMs. (issue 97)
Improved error recovery from CVS changelog parsing failure.
Fixed one more bug crept in during JSP -> Jelly conversion (issue 99)
Fixed a bug in the image file name "Save.gif" vs "save.gif". (issue 100)
Fixed a bg where character escapes were not done correctly in many places. (issue 101)

What's new in 1.40

Switched view technology from JSP to Jelly, for more flexibility.
Implemented job renaming. (issue 90)
Added code to clean up old records in fingerprint periodically (issue 89)

What's new in 1.39

Improved the config screen so that you can edit upstream projects. (issue 83)
Improved the error recovery from HeadlessException. (issue 82)
Improved the error recovery from X11 connection problem. (issue 93)
Fixed a bug where CVS invocation doesn't handle whitespaces in directory names correctly.
Fixed a bug where controller/agent communication doesn't carry whitespaces in directory names correctly.
Modified to display a progress bar even if no previous records are available (issue 88)

What's new in 1.38

Fixed a bug where a subversion changelog computation may cause a failure because of non-existent revision number.
Improved error diagnosability when subversion changelog computation fails.
If the error notification e-mail gets too long, Hudson now truncates it just to show the last part of it (which is usually what contains the error message.)
Improved the diagnostics of the configuration error in the JUnit report. (issue 85)
Added upstream project links (that complements the downstream projects)

What's new in 1.37

Fixed a bug where a large changelog message gets truncated. (issue 74)
Fixed a bug where Subversion change log incorrectly shows one change from the previous build. (issue 75)
Change the initialization order so that cron job now starts after Hudson finished loading.
Hudson now uses "svn info --xml" for polling changes in the subversion repo. (issue 77)
Fixed a bug in cron scheduler for interpreting hours field in PM. (issue 78)
When a project is disabled, Hudson now shows it as grey for visual cue. (issue 79)
Tweaking CVS changelog computation.

What's new in 1.36

Fixed a bug where "previous build" link appears incorrectly when logs are rotated. (issue 70)
Copied Ant CVS changelog parser code into a different package to avoid NoSuchMethodError. (issue 71)

What's new in 1.35

Fixed a bug where "view as plaintext" link may get far too right when the console output is wide. (issue 69)
CVS changelog computation is made a lot more efficient. Hudson will use the output from cvs update to reduce the amount of traffic/time needed for the changelog computation.
Implemented CVS/Subversion change polling. (issue 31)

What's new in 1.34

Command execution now prints the current directory name for assisting trouble-shooting. (issue 65)
I think I fixed a bug where a job can accidentally run hung even though no executor seems to be building it. (issue 62)

What's new in 1.33

Fixed bugs wrt handling non-ASCII characters in project names, test names, etc. (The servlet spec is a real mess when it comes to i18n!)
Added a new view to display console output as text/plain (for downloading and maximum screen use)
The last successful build log is kept regardless of the log rotation setting, so that at least one successful build is always available for download. (issue 57)

What's new in 1.32

Added spinner image when console output is being loaded progressively.
Added auto-completion to the project relationship comparison page.
Added links from a project index page to "downstream" project pages (those are the projects that will be built once the current project is built)
Fixed a critical bug where the rendering of the external job page fails.
If JUnit test report tallying is configured but no test is found, Hudson assumes that it's a configuration error and marks a build as a failure.

What's new in 1.31

Modified to gracefully handle unsafe characters in the JUnit test reports. (issue 42)
Hudson can now render Subversion change log details correctly.
Fixed a typo (issue 48)
Fixed various issues in running Hudson in Jetty.
Changed the format of $HUDSON_HOME/config.xml slightly to make it look nicer (this is a backward compatible change.)
Fixed various issues in running Hudson in JDK 1.4
Subversion-based projects now display the repository revision number (issue 50)

What's new in 1.30

Projects can be now configured to temporarily disable new builds (issue 39)
Build history now shows a new pending build. (issue 44)
Console output of an on-going build now updates automatically without reloading (issue 46)
Implemented a new page where you can track which builds of one project is used by which builds of another project.

What's new in 1.29

Test result trend can be displayed in two modes now. One is just to show failures, the other is to show both total tests and failures. The former is useful when you have healthy tests (a large number of tests and small number of failures.)
Fixed the bug where RSS pages weren't rendered correctly at all.

What's new in 1.28

Projects with junit report configured will now produce a trend report
Improved the efficiency when loading a project page with a large test result
Next build number of jobs are now stored in a separate file so that configurations can be stored in CVS more easily
Changed the URL assigned to fingerprint pages, so that they can be bookmarked (for example, you can keep a bookmark of "fingerprint of foo.jar in the last successful build")
Implemented cron-like scheduled execution.
Updated help documents a bit.

What's new in 1.27

If no test result is found when a test report is configured, a build is considered a failure.
A bug fix is made where sometimes the e-mail notification reports incorrect results (this time, it's really fixed!)

What's new in 1.26

The URL in the e-mail was incorrect. Fixed that.
When a new job is created by copying another, the build number wasn't reset to 1.
A bug fix is made where sometimes the e-mail notification reports incorrect results.

What's new in 1.25

Improved the performance of rendering the build page with a large test result.
Fixed a problem where a large test result consumes the PermGen space too much.
Implemented the 'fingerprint' recording. See a separate document for more details.
Fixed a problem where "tag this build" pages don't show the left task bar.
Agent can be now marked as "temporarily offline" to avoid builds to be scheduled on it
Implemented a new switch on the e-mail notification to avoid sending out e-mails on every unstable build. Useful for those lazy projects where test failures are the norm.

What's new in 1.24

Tweaked the way Hudson launches a remote job, so that it can work with older versions of Unix. (Some Solaris systems seem to be unable to handle "~/bin/slave" while others do.)
Placed the icon to cancel builds on more places (issue 36)
The top page and view pages can now display user-configured HTML. Useful for linking to relevant resources or post a notice.
Changed the URL assignment so that build #53 of project ABC is now ".../hudson/job/ABC/53". The next build number is no longer modifiable through the configuration screen. This change should make the URL more intuitive and short. Old URLs are still supported for the backward compatibility.
Implemented a workaround for a Firefox bug that sometimes displays build status icons incorrectly (when you reload a build page to check the updated status.)
Fixed a bug where URLs in the notification e-mail is not escaped.

What's new in 1.23

Fixed a bug where e-mail notifications weren't working.

What's new in 1.22

Fixed a JBoss deployment problem reported by Wilson Jimmy.
Introduced the "unstable" state to represent test failures.
More help documents.
build notice e-mail now includes a link to the website.
Started adding page for each agent (issue 35)
Agents can now be configured so that they can be reserved for certain jobs.
Fixed URL assignment to test failures, so that an URL to a test result of the last successful build can point to the same test across builds.
Test results in a class view is now sortable (just like all the other tables.)

What's new in 1.21

RSS links are added to HTML header so that RSS-aware browsers can pick them up
Added a new operation mode for CVS to prevent redundant intermediate directories. Added a compatibility option so that existing projects won't be affected.

What's new in 1.20

Various bug fixes for regressions occurred in 1.19
Expanded the documentation.
If there are a lot of the archived artifacts, Hudson now switches to the tree view.
Modified not to display "build" link to non-buildable jobs.

What's new in 1.19

Various bug fixes and improvements in the test report.
Next/Previous build link now cycles through the same page between builds. So if you are reading the console output page, just clicking "previous build" will take you to the console output of the previous build.
Implemented controller/agent support
When a large number of build artifacts are archived, Hudson won't show a very long list of bullet lists.
Changed the icon that kills an on-going build to 'x' icon.
Updated the ATOM feed icon to the one from https://feedicon.com/
Fixed the location and color of login/logout link.

What's new in 1.18

Hudson now has JUnit test result report
Subversion configuration now allows more options to be set.
Supported configuration of the "quiet period"
Some /bin/sh doesn't like "-x -e". So changed it to "-xe"

What's new in 1.17

Changed the version scheme. Instead of 1.0.X, I'm now calling them 1.X.
Clicking progress bars will take you to the console output page.
Fixed a bug where an incorrect error handling causes 500 if you failed to properly create a project in a view.
Fixed security holes.
Improved the workspace file view
Hudson now returns the "Last-Modified" header correctly so that clients can cache HTML smartly (this was really a bug in stapler
Replaced PNG images by GIF images to avoid Internet Explorer & PNG transparency issue

What's new in 1.0.16

Fixed a critical presentation issue in 1.0.15

What's new in 1.0.15

UI make over

What's new in 1.0.14

A new job can be now created by copying an existing one.
Javadoc publisher can show the link to the project javaflow from the navigation bar.
When entering CVSROOT, it auto-completes.
Jobs can be now grouped into views.
Workspace view now sorts files in alphabetical order.
Added a new build publishing step that publishes javadoc to the project page.
Patched Ant so that CVS changelog computation won't hang even when commit messages confuses the changelog parser.

What's new in 1.0.13

Maven support.
When terminating a build, kill all the processes spawned.
Fixed rendering errors that appear in IE.
Fixed a bug in subversion support.

What's new in 1.0.12

Builds in a queue can be now cancelled (issue 24)
Hudson can now monitor external jobs that are run on remote machines.
Bug fixes.

What's new in 1.0.11

Reduced the disk space usage for CVS-based projects
Projects can now declare the JDK version it wants to use more easily. (Previously you needed to use the shell option.)
Improved UI experience in Ant/JDK installation configurations by using JavaScript.
Fixed the incorrect title of the RSS feeds (issue 23)
Bug fixes

What's new in 1.0.10

CVS-based projects now allow builds to be tagged long after they are completed. (For example, if you realize 1 week later that build #95 is important, you can tag it.)
Fixed bugs in the RSS feeds (thanks to Ronald Klop)
Hudson now generates HTML files that prevents robots from accessing links