./devel/jenkins, Open source continuous integration server (weekly release)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.25, Package name: jenkins-2.25, Maintainer: ryoon

Jenkins is an award-winning application that monitors executions
of repeated jobs, such as building a software project or jobs run
by cron. Among those things, current Jenkins focuses on the following
two jobs:

1. Building/testing software projects continuously, just like
CruiseControl or DamageControl. In a nutshell, Jenkins provides an
easy-to-use so-called continuous integration system, making it
easier for developers to integrate changes to the project, and
making it easier for users to obtain a fresh build. The automated,
continuous build increases the productivity.

2. Monitoring executions of externally-run jobs, such as cron jobs
and procmail jobs, even those that are run on a remote machine.
For example, with cron, all you receive is regular e-mails that
capture the output, and it is up to you to look at them diligently
and notice when it broke. Jenkins keeps those outputs and makes it
easy for you to notice when something is wrong.

Required to run:

Master sites:

Version history: (Expand)

CVS history: (Expand)

   2016-10-13 11:37:50 by Filip Hajny | Files touched by this commit (1) | Package updated
Log message:
Import Jenkins 2.19.1 (LTS) as devel/jenkins-lts.

Changes since 2.7.4 (last LTS update made under devel/jenkins):

Changes from 2.19:
- Fixed the missing icon in the System Script console.
- Fixed background color in the ComboBoxList element in order to
  make options visible.
- Fixed editing default view description with automatic refresh.
  System message is not being displayed instead of the view
- Do not process null CRON specifications in build triggers.
- Setup wizard now checks if the restart is supported on the
  system before displaying the restart button.
- Test Windows junctions before Java 7 symlink in symbolic link

Notable changes since 2.7.4:
- Fix plugin dependency resolution. Jenkins will now refuse to
  load plugins with unsatisfied dependencies, which resulted in
  difficult to diagnose problems. This may result in errors on
  startup if your instance has an invalid plugin configuration.,
  check the Jenkins log for details.
- Don't load all builds to display the paginated build history
- Tell browsers not to cache or try to autocomplete forms in
  Jenkins to prevent problems due to invalid data in form
  submissions. From now on, only select form fields (e.g. job name)
  will offer autocompletion.
- Add diagnostic HTTP response to TCP agent listener.
- Allow admins to control the enabled agent protocols on their
  instance from the global security settings screen.
- Prevent NullPointerException on startup after update from
  Jenkins 2.5.
- Always send usage statistics over HTTPs to the new
  usage.jenkins.io hostname.
- Do not inject build variables into Maven process by default for
  new projects.
- IllegalStateException under certain conditions when reloading
  configuration from disk while jobs are in the queue.
- Underprivileged users were unable to use the default value of a
  password parameter.
   2016-10-13 11:35:11 by Filip Hajny | Files touched by this commit (5) | Package updated
Log message:
Update devel/jenkins to 2.25.

Based on a PR by Jussi Sallinen. Switch to the weekly release
branch and prepare to share framework with devel/jenkins-lts.

Upstream changelog follows (LTS backports up to 2.7.4 excluded).

What's new in 2.25 (2016/10/09)
- Display transient actions for labels.
- Add user to restart log message for restart after plugin
- Internal: Code modernization: Use try-with-resources a lot more

What's new in 2.24 (2016/10/02)
- Show notification with popup on most pages when administrative
  monitors are active.
- Allow disabling/enabling administrative monitors on Configure
  Jenkins form.
- Ensure exception stacktrace is shown when there's a
- Add new jenkins.model.Jenkins.slaveAgentPortEnforce system
  property, which prevents slave agent port modification via
  Jenkins Web UI and form submissions.
- Indicate hovered table row on striped tables.
- Decrease connection timeout when changing the JNLP agent port
  via Groovy system scripts.
- Added Serbian locatization.
- Exclude /cli URL from CSRF protection crumb requirement, making
  the CLI work with CSRF protection enabled and JNLP port
- Prevent instatination of jenkins.model.Jenkins on agents in the
  ProcessKillingVeto extension point.
- Fix handling of the jenkins.model.Jenkins.slaveAgentPort system
  property, which was not honored.
- CLI: Disable the channel message chunking by default. Prevents
  connection issues like java.io.StreamCorruptedException: invalid
  stream header: 0A0A0A0A.
- CLI: Connection over HTTP was not working correctly.

What's new in 2.23 (2016/09/18)
- Fix JS/browser memory leak on Jenkins dashboard.
- Build history was not properly updating via AJAX.
- Properly enable submit button on New Item page when choosing
  item type first.

What's new in 2.22 (2016/09/11)
- Change symbol and constructor for SCMTrigger to pollScm to make
  it usable in Pipeline scripts.
- Prompt user whether to add the job to the current view.
- Update to sshd module 1.7, allowing definition of client idle
- Update to sezpoz 1.12 with better diagnostics.
- Fix NullPointerException when descriptor is not in
- Use the correct 'gear' icon for Manage Jenkins in Plugin

What's new in 2.21 (2016/09/04)
- Ask for confirmation before canceling/aborting runs.
- Add newline after the text in userContent/readme.txt.
- Fixed the missing icon in the System Script console.
- Print warnings to system logs and administrative monitors when
  Jenkins initializarion does not reach the final milestone.
- Developer API: UpdateSite#getJsonSignatureValidator() can be now
  overriden and used in plugins.

What's new in 2.20 (2016/08/28)
- Make Cloud.PROVISION permission independent from
- Allow the use of custom JSON signature validator for Update Site
  metadata signature checks.
- Do not process null CRON specifications in build triggers.
- Setup wizard now checks if the restart is supported on the
  system before displaying the restart button.
- Test Windows junctions before Java 7 symlink in symbolic link
- Fixed background color in the ComboBoxList element in order to
  make options visible.
- Fixed editing default view description with automatic refresh.
  System message is not being displayed instead of the view
- Fixed process tree management logic on Solaris with 64-bit JVMs.

What's new in 2.19 (2016/08/21)
- Prevent resource leaks in AntClassLoader being used in the core.
- Fix the wrong message about empty field in the case duplicate
  item name in the New Item dialog.
- Allow invoking Upgrade Wizard when Jenkins starts up. It can be
  done by placing an empty
  jenkins.install.InstallUtil.lastExecVersion file in JENKINS_HOME.
- Replace repetitious "website" and "dependencies" text in the
  Setup Wizard by icons.
- Expose Job name to system logs when Jenkins fails to create a
  new build with IllegalStateException.
- Downgrade Queue#maintain() message for dead executors during
  task mapping from INFO to FINE.

What's new in 2.18 (2016/08/15)
- Better diagnostics and robustness against old ChangeLogAnnotator
  API usage in plugins. Enhances JENKINS-23365 fix in 1.569.
- Prevent open file leak when the agent channel onClose() listener
  writes to the already closed log.
- Massive cleanup of issues reported by FindBugs. User-visible
  issues - wrong log message formatting bugs in the Update Center
  and user creation logic.
- Remoting 2.61: JNLP Slave connection issue with JNLP3-connect
  when the generated encrypted cookie contains a newline symbols.
- Remoting 2.61: Retry loading classes when remote classloader
  gets interrupted.
- Remoting 2.61: Improve diagnostics of Local Jar Cache write
- Remoting 2.62: Be robust against the delayed EOF command when
  unexporting input and output streams.
- Remoting 2.62: Cleanup of minor issues discovered by FindBugs.
- Remoting 2.62: Improve class filtering performance in remote
- Remoting 2.62: TCP agent connection listener now publishes a
  list of supported agent protocols to speed up the connection
- Improve German, Lithuanian and Bulgarian translations.

What's new in 2.17 (2016/08/05)
- Don't load all builds to display the paginated build history
- Add dagnostic HTTP response to TCP agent listener.
- Internal: Invoke FindBugs during core build.

What's new in 2.16 (2016/07/31)
- Fix plugin dependency resolution. Jenkins will now refuse to
  load plugins with unsatisfied dependencies, which resulted in
  difficult to diagnose problems. This may result in errors on
  startup if your instance has an invalid plugin configuration,
  check the Jenkins log for details.
- Decouple bouncycastle libraries from Jenkins into
  bouncycastle-api plugin.
- Upgrade to instance-identity module 2.1.
- Hide the Java Web Start launcher when the TCP agent port is
- Allow admins to control the enabled agent protocols on their
  instance from the global security settings screen.
- Display delete button only when build is not locked.
- Use build start times instead of build scheduled times in build
  timeline widget.
- Internal: Move CLI commands wait-node-online/wait-node-offline
  from core to CLI module.
- Internal: Allow accessing instance identity from core.
- Internal: Fix the default value handling of

What's new in 2.15 (2016/07/24)
- Tell browsers not to cache or try to autocomplete forms in
  Jenkins to prevent problems due to invalid data in form
  submissions. From now on, only select form fields (e.g. job name)
  will offer autocompletion.
- Prevent null pointer exceptions when not entering a cron spec
  for a trigger.
- Defend against some fatal startup errors.
- Use the icon specified by the computer implementation on its
  overview page.
- Internal: Extract the CLI command offline-node from core.

What's new in 2.14 (2016/07/17)
- Minor optimization in calculation of recent build stability
  health report.
- When a user aborts the build, this user may be restored after
  its deletion.
- Prevent potential NullPointerException in the
  BlockedBecauseOfBuildInProgress build blockage cause
- CLI commands quiet-down and cancel-quiet-down were extracted
  from the core to CLI.
- Developer API: Extract listing of computer names to the
  ComputerSet#getComputerNames() method.
- Developer API: Add a try with resources form of impersonation.
- Developer API: Usage of ItemCategory#MIN_TOSHOW in external
  plugins is now restricted.

What's new in 2.13 (2016/07/10)
- Eliminate "dead executor" UI appearing after certain errors,
  such as JENKINS-27530.
- Make setup wizard installation panel usable on small screens.

What's new in 2.12 (2016/07/05)
- Enable the DescriptorVisibilityFilters for ComputerLauncher,
  RetentionStrategy and NodeProperty.
- Before starting a process, ensure that its working directory
- Prevent NullPointerException during SCM polling if
  SCMDecisionHandler returns null veto.
- Fix optional plugin dependency version resolution.
- When creating a tar file, ensure that the final size does not
  exceed the value in header in the case of growing files.
- Do not inject build variables into Maven process by default for
  new projects.
- Update BUILD_TAG environment variable description to mention the
  replacement of slashes with dashes.
- Internal API: Make BulkChange auto-closeable.

What's new in 2.11 (2016/06/26)
- Provide an extension point for SCM decisions such as whether to
  poll a specific job's backing repository for changes.

What's new in 2.10 (2016/06/19)
- Better exception message if a SecurityRealm returns null when
  loading a user.
- Prevent NullPointerException in user registration if user ID is
  not specified.
- Internal: It was impossible to build Jenkins on 32-bit Linux

What's new in 2.9 (2016/06/13)
- Remoting 2.60: Do not invoke PingFailureAnalyzer for
  agent=>master ping failures.
- API: Allow delegating TaskListener creation to build agent
   2016-09-30 17:13:14 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update devel/jenkins to 2.7.4 (LTS)

Jenkins 2 is a drop-in replacement of the Jenkins 1.x series of
releases and fully backward compatible.

2.7.4 (2016-09-08)

- Prevent File descriptor leaks when reading plugin manifests. It
  causes failures during the upgrade of detached plugins on

2.7.3 (2016/08/31)

- Stop A/B testing of the remoting JNLP3 protocol due to the known
  issues. The protocol can be enabled manually via the
  jenkins.slaves.JnlpSlaveAgentProtocol3.enabled system property.
- When checking Update Center, append ?uctest parameter to HTTP
  and HTTPS URLs only.
- Ensure that detached plugins are always at least their minimum
- Remove trailing space from Hudson.DisplayName in Spanish, which
  resulted in problems with Blue Ocean.
- Make sure that the All view is created.
- Incorrect formatting of messages in the Update Center and Setup
- Underprivileged users were unable to use the default value of a
  password parameter.
- Properly handle exceptions during global configuration form
  submissions when SCM Retry Count field is empty.
- Do not allow disabled project to be triggered remotely.
- Ensure that SCMDescriptor.newInstance overrides are honored when
  creating new SCM entries.
- Add a cache for user information to fix performance regression
  due to SECURITY-243.
- Performance: Disable AutoBrowserHolder by default to improve the
  changelog rendering performance.
- Honor non-default update sites in setup wizard.

2.7.2 (2016/08/03)

- Always send usage statistics over HTTPs to the new
  usage.jenkins.io hostname.
- Fix issues in file management in hudson.remoting.Launcher (main
  executable class).
- Remoting 2.60: Fix potential file handle leaks during the build
  agent (FKA slave) startup. issue 35190)
- Remoting 2.60: Proper handling of the no_proxy environment
- Performance: Improve configuration page load times by removing
  the CodeMirror reloading cycle.
- Remoting 2.60: hudson.Remoting.Engine#waitForServerToBack now
  uses credentials for connection.
- IllegalStateException under certain conditions when reloading
  configuration from disk while jobs are in the queue.
- Allow keeping builds forever with custom build retention
- Remoting 2.60: Make the channel reader tolerant against Socket

2.7.1 (2016/07/06)

Changes from 2.7:
- Installation Wizard: Do not offer creating new admin user if the
  security is preconfigured.
- API: Make it easier for UpdateSites to tweak the
- Fix the repeatable item delete button layout in Safari.
  Addresses Build Steps and other such configuration items.
- Prevent NullPointerException on startup after update from
  Jenkins 2.5.
- Explicitly declare compatibility of Windows build agent service
  with .NET Framework 4.
- Honor noProxy settings from "Manage Jenkins > Manage Plugins >
- API: Restrict external usages of
- Internal: Upgrade Groovy to 2.4.7 to finalize the fix in Jenkins

Notable changes since 1.651.3:
- More detailed information about the new features in Jenkins 2 on
  the overview page. Note that AJP support has been removed, if
  your service script enables it, Jenkins will fail to start.
- New password-protected setup wizard shown on first run to guide
  users through installation of popular plugins and setting up an
  admin user.
- Plugin bundling overhaul: Bundled plugins are only installed if
  necessary when upgrading, all plugins can be uninstalled.
- Redesigned job configuration form makes it easier to understand
  the option hierarchy, and to navigate the form.
- Richer 'Create Item' form with job icons and job categories
  (once a threshold of three categories has been reached).
- Support encrypted communication between master and JNLP slaves.
- Enable disabled dependencies during plugin installations.
- Force ordering between GPG and jarsigner to ensure correct GPG
- Secured Jenkins installations didn't properly save the queue on
- Upgrade wizard encourages installation of Pipeline related
  plugins when upgrading from 1.x.
- Jenkins now requires Servlet 3.1. Upgraded embedded
  Winstone-Jetty to Jetty 9 accordingly. This removes AJP support
  when using the embedded Winstone-Jetty container.
- Bundled Groovy updated from 1.8.9 to 2.4.7.
- Moved tools configuration from Configure Jenkins to separate
- Added option to prohibit anonymous access to security realm
  "Logged in users can do anything", enable by default.
- Renamed 'slave' to 'agent' on the UI.
- Improvements to inline documentation of numerous form fields in
  Jenkins global and job configuration.
- Change default CSRF protection crumb name to Jenkins-Crumb for
  nginx compatibility.
- Add symbol annotations on core.
- Workaround for unpredictable Windows file locking.
- Remove the historical initialization of CVS changelog parser for
  jobs without explicit SCM definition. Warning! This change may
  potentially cause a regression if a Jenkins plugin depends on
  this default behavior and injects changelogs without SCM.
- Add the JOB_BASE_NAME environment variable to builds (job name
  without path).
- Allow overriding Jenkins UpdateCenter by a custom
- Allow overriding Jenkins PluginManager by a custom
- Allow setting of properties from context.xml and web.xml in
  addition to setting system properties from the command line.
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Make ToolInstallers to follow HTTP 30x redirects.
- Disable JSESSIONID in URLs when running in the JBoss web
  container. It prevents Error 404 due to invalid links starting
  from Jenkins 1.556. More info: WFLY-4782
- Allow starting non-AbstractProject (e.g. Pipeline) jobs from
- Plugin Manager was building incorrect list of bundled plugins
  for nested dependencies.
- Developer API: Add WorkspaceList.tempDir(...).
- Developer API: Allow putting @Initializer annotations on
  instance methods.
- Developer API: Allow specifying custom AbortExceptions.

1.651.3 (2016/06/08)

- Cannot enable disabled dependencies.
- Listed Parameters should reflect what was used when the build
- Installation Wizard: SEVERE errors in logs, enabling of the
  enabled plugin.
- Check Updates PeriodicWork dies horribly in the case of invalid
- RSS ID duplication for items with same name in different
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)

1.651.2 (2016/05/11)

- Important security fixes
- Update remoting to 2.57.
- Pipeline runs not reliably started after restart when using
  Build after other projects are built.
- Prevent badges in build history sidepanel widget from
  overlapping page contents.
- Do not hardcode .bat extension for Maven on Windows.
- Don't store redundant build causes, make list of build causes
- Make context meny link Delete Project work with CSRF protection

1.651.1 (2016/04/14)

Changes from 1.651:
- Honor the option to opt out of usage statistics submission.
- Plugin filters were failing to be removed and blocking restart.
- Do not fail update center check if there are no tool installers
- Fix argument masking for sensitive build variables on Windows.
- Under some conditions Jenkins startup could fail because of
  incorrectly linked extensions; now recovering more gracefully.
- Multiple bug fixes related to shutdown sequence.

Notable changes since 1.642.3:
- Move periodic task log files from JENKINS_HOME/*.log to
  JENKINS_HOME/logs/tasks/*.log and rotate them periodically
  rather than overwrite every execution.
- Allow changing the directory used for the extraction of plugin
  archives via the --pluginroot CLI option (also controllable via
  the hudson.PluginManager.workDir system property / context
  parameter. Also document the --webroot CLI parameter in java
  -jar jenkins.war --help
- Unify CLI exit code semantics.
- Add time zone to generation date in footer in most locales.
- The Windows service wrapper now specifies the --webroot argument
  to extract the war file into %BASE%.
- Allow retrying core update when the first attempt failed.
- Allow specifying the default TCP slave agent listener port via
  system property.
- Fix documentation of proxy configuration.
- Retrieve tool installer metadata from all update sites.
- Fields on the parameters page are no longer aligned at the
- Cleanup of CLI error handling and return codes.
- Boot failure hook script did not work,
  WebAppMain.contextDestroyed produces weird errors.
- ArrayIndexOutOfBoundsException when parsing range set.
- Generate new instance identity file when the existing one is
  found to be corrupt.
- Developer: The official parent POM for plugins is now hosted in
  the plugin-pom repository, starting with version 2.0.
- API changes: Add a reusable implementation of IdleOfflineCause
- Developer: Split test harness into separate artifact.
- Developer: Pass $it to contents of dropdownDescriptorSelector.

1.642.4 (2016/03/31)

- Honor the option to opt out of usage statistics submission.

1.642.3 (2016/03/16)

- Fields on the parameters page are no longer aligned at the
- Under some conditions a build record could be loaded twice,
  leading to erratic behavior.

1.642.2 (2016/02/24)

- Important security fixes
- Don't submit usage statistics while Jenkins hasn't finished
- Performance regression when setting JDK installations.
- Renaming a node over another was possible and destroys both
- A CloudProvisioningListener can prevent provisioning of all
  clouds instead of just the targeted cloud.
- GroovyHookScript needs Jenkins to be initialized but should not
  (for e.g. boot failure script).
- Don't show "termination trace" as warning in the log as
  it's not necessarily an error condition.

1.642.1 (2016/01/20)

- No changes compared to 1.642
   2015-12-17 21:20:30 by Aleksej Saushev | Files touched by this commit (3) | Package updated
Log message:
Update to Jenkins 1.642.

Changes in 1.642 (2015/12/13)

- Various kinds of settings could not be saved since 1.640.
  (issue 31954)

Changes in 1.641 (2015/12/09)

- Important security fixes (CVE-2015-7536, CVE-2015-7537,
  CVE-2015-7538, CVE-2015-7539)

Changes in 1.640 (2015/12/07)

- Added support of default values in the enum.jelly form
  element. (PR 1926)
- Bytecode Compatibility Transformer computes the common super
  class without loading classes. Fixes the ClassCircularityError
  exception in Ruby Runtime Plugin. (issue 31019)
- Extended Choice parameter definitions could not be saved since 1.637.
  (issue 31458)
- Display expected CRON run times even if a warning occurs.
  (issue 29059)
- Rework the online-node command implementation, no functional
  changes. (issue 31776)
- Fix the footer behavior in particular cases. (issue 30304,
  issue 31395)
- API changes: Deprecate subclassing of hudson.Plugin. (PR 1940)

Changes in 1.639 (2015/11/29)

- "Discard old builds" setting would be lost if resaving job
  configuration as of 1.637 without rechecking the box. (issue 31518)
- "Form too large" errors from Jetty when submitting massive
  forms. (issue 20327)
- Multiple workspace browser features broken on Windows masters
  since 1.634. (issue 31015)

Changes in 1.638 (2015/11/11)

- Important security fixes (CVE-2015-5317, CVE-2015-5318,
  CVE-2015-5319, CVE-2015-5320, CVE-2015-5324, CVE-2015-5321,
  CVE-2015-5322, CVE-2015-5323, CVE-2015-5325, CVE-2015-5326,

Changes in 1.637 (2015/11/08)

- Remove useless warnings about a JDK named null. (issue 31217)
- New OptionalJobProperty class to simplify JobProperty
  creation. (pull 1888)

Changes in 1.636 (2015/11/01)

- Add "lastCompletedBuild" job permalink. (issue 26270)

Changes in 1.635 (2015/10/25)

- Make Node implement Saveable. (issue 31055)
- Revert trigger optimizations made in 1.621 by PR 1617.
  (issue 30745)
- Delegate CLI's delete-node command to the overridable
  Computer.doDoDelete() method. Fixes the issue in OpenStack and
  JClouds plugins. (issue 31098, regression in 1.618)
- Prevent autocorrect of username on mobile devices in login
  forms. (PR 1531)
- Describe the built-in JDK as "(System)". (issue 755)
- Update JNA library to 4.2.1 in order to integrate fixes for
  linux-ppc64 and linux-arm platforms. (issue 15792)

Changes in 1.634 (2015/10/18)

- Fix order of builds in new builds history widget introduced
  in 1.633. (issue 30899)
- Bytecode Compatibility Transformer would fail to transform
  some classes resulting in ClassNotFoundException. (issue 30820)
- Prevent ClassCastException in AbstractBuild::reportError() if
  the build step is not Publisher. (issue 30730)
- Trim job names during the rename operation (it is impossible
  to delete or rename jobs with trailing spaces). (issue 30502)
- Add "graphBg" and "plothBg" background color options to plot
  URLs (PR 1769)
- API changes: Add get method for causes of interruption in
  hudson.model.Executor (PR 1712)
- Allow case insensitive file patterns in Artifacts Archiving.
  (issue 5253)
- Prevent NullPointerException while estimating duration of
  Queue executable items. (issue 30456)
- Fix the resolution of Windows symbolic links in
  SecretRewriter. (issue 30456)
- Let a combobox display its drop-down when focused, so users
  can see candidates without entering a letter. (issue 26278)

Changes in 1.633 (2015/10/11)

- Added safari pinned tab icon.
- Plugin Manager UI changes to prevent users from
  enabling/disabling/uninstalling plugins at the "wrong" time.
  (issue 23150)
- bytecode-compatibility-transformer produces malformed
  bytecode. (issue 28781)
- Properly handle RuntimeExceptions in run retention policy
  handler calls. (issue 29888)
- Prevent NullPointerException in CLI if Jenkins cannot find the
  specified job or a job with the nearest name. (issue 30742)
- Do not show REST API link for pages, which have no API
  handlers. (issue 29014)
- JS alert preventing to leave a configuration page without
  changes. (issue 21720)
- JS error triggered by collapsing build history widget. (issue 30569)
- Build history pagination and search. (issue 26445)

Changes in 1.632 (2015/10/05)

- Optimize TagCloud size calculation. (issue 30705)
- FlyWeightTasks tied to a label will not cause node
  provisioning and will be blocked forever. (issue 30084)
- Prevent NullPointerException for disabled builds in
  ReverseBuildTrigger. (issue 29876)
- ConsoleLogFilter wasn't truly global (issue 30777)
- API changes: hudson.Util.isOverridden() now supports protected
  methods. (issue 30002)
- Sidepanel controls with confirmation (lib/layout/task) did not
  assign the proper CSS style. (issue 30787)

Changes in 1.631 (2015/09/27)

- Add proper labels for plugin categories assigned to some
  plugins. (PR 1758)

Changes in 1.630 (2015/09/20)

- Make JenkinsRule useable on systems which don't support JNA
  (issue 29507)

Changes in 1.629 (2015/09/15)

- Old data monitor made Jenkins single-threaded for all saves.
  (issue 30139)

Changes in 1.628 (2015/09/06)

- Replaced all non java.util.logging logging libraries with
  slf4j interceptors. (PR 1816)
- Document allBuilds subtree in remote API for jobs. (PR 1817)

Changes in 1.627 (2015/08/30)

- Race condition in triggers could cause various
  NullPointerExceptions. (issue 29790)
- Archiving of large artifacts. Tar implementation cannot handle
  files having a size >8GB. (issue 10629)
- Allow plugins to augment or replace the plugin manager UI. (PR 1788)

Changes in 1.626 (2015/08/23)

- RunIdMigrator fails to revert Matrix and Maven jobs. (issue 29989)
- Fix error message "Failed to listen to incoming slave connection"
  after fixing port through init.groovy.d. (issue 29798)

Changes in 1.625 (2015/08/17)

- Fixed a deadlock between the old data monitor and
  authorization strategies. (issue 29936)
- Allow rejecting configurations with errors in critical fields
  via REST / CLI. (issue 28440)
- Do not display No changes if changelog is still being computed.
  (issue 2327)

Changes in 1.624 (2015/08/09)

- Allow more job types to use a custom "Build Now" text. (issue 26147)

Changes in 1.623 (2015/08/02)

- No notable changes in this release.

Changes in 1.622 (2015/07/27)

- Jenkins now support self-restart and daemonization in FreeBSD
  (PR 1770)
- Node provisioner may fail to correctly indicate that
  provisioning was finished. (issue 29568)

Changes in 1.621 (2015/07/19)

- Sort by 'Free Disk Space' is incorrect. (issue 29286)
- Label expression help is missing in recent Jenkins versions.
  (issue 29376)
- Pre-emptively break memory cycles causing excessive live-set
  retention in remoting layer. (issue 28844)
- Don't run trigger for disabled/copied projects. (PR 1617)

Changes in 1.620 (2015/07/12)

- Display system info even when slave is temporarily offline.
  (issue 29300)

Changes in 1.619 (2015/07/05)

- Update auto-installer metadata for newly installed plugins.
  (issue 27694)
- Allow plugins to veto process killing. (issue 9104)

Changes in 1.618 (2015/06/29)

- Fix deadlock in hudson.model.Executor. (issue 28690)
- Don't truncate /consoleText output after fixed number of
  lines. (issue 14899)
- Allow delete-* CLI commands to operate on multiple arguments.
  (issue 28041)
- Prevent NullPointerException in Executor/causeOfDeath page if
  there is no exception details. (issue 25734)
- Fixed synchronization issue when setting JDK installations.
  (issue 28292)
- Fix several loggers which are identifying as the wrong class.
  (PR 1651)
- Revert fix for issue 17290 due to the regressions it caused.
  (issue 28601)
- Fix deadlock between hudson.model.Queue and
  hudson.model.Computer. (issue 28840)
- Fix jobs getting stuck in the Queue when there exists a cycle
  of upstream/downstream blocks between them. (issue 28926)
- Always use earlier start time when merging two equivalent
  queue items. (issue 2180)

Changes in 1.617 (2015/06/07)

- Regression in build-history causing ball to not open console
  (issue 28704)
- JNLP slaves did not pick up changes to environment variables.
  (issue 27739)
- NullPointerException in AbstractProject constructor if Jenkins
  nodes has not been loaded yet (issue 28654)

Changes in 1.616 (2015/05/31)

- Job loading can be broken by NullPointerException in a build
  trigger (issue 27549)

Changes in 1.615 (2015/05/25)

- Improper calculation of queue length in UnlabeledLoadStatistics
  causing overheads in Cloud slave provisioning (issue 28446)
- Category titles in Available Plugins list appear wrong in
  reverse sort order (issue 17290)
- CronTab API: Timezone support for scheduling (issue 9283)
- NullPointerException when trying to reset Jenkins admin
  address (issue 28419)
- Reduce the thread overhead in NodeMonitorUpdater (PR 1714)
- Build history overflows (issue 28425)
- Build History badges don't wrap (issue 28455)

Changes in 1.614 (2015/05/17)

- ExtensionList even listener. (issue 28434)
- NullPointerException computing load statistics under some
  conditions. (issue 28384)
- Plugins using class loader masking did not work properly over
  the slave channel. (issue 27289)
- DefaultJnlpSlaveReceiver now returns true when rejecting a
  takeover. (issue 27939)
- Do not follow href after sending POST via l:task (issue 28437)

Changes in 1.613 (2015/05/10)

- Update bundled LDAP plugin in order to restore missing help
  files (issue 28233)
- hudson.model.Run.getLog() throws IndexOutOfBoundsException
  when called with maxLines=0 (issue 27441)

Changes in 1.612 (2015/05/03)

- Jenkins now requires Java 7. (announcement, issue 28120)
- Handle AbortException publisher status in the same way as
  deprecated false boolean status (issue 26964)
- Ensures GlobalSettingsProvider does not swallow fatal
  exceptions (issue 26604)
- add datestamp to node-offline message (issue 23917)
- Larger minimum popup menu height. (issue 27067)
- Descriptor.getId fix in 1.610 introduced regressions affecting
  at least the Performance and NodeJS plugins. (issue 28093 and
  issue 28110)
- Under rare conditions Executor.getProgress() can throw a
  Division by zero exception. (issue 28115)
- The Run from the command line option for launching a JNLP
- slave should display the configured JVM options. (issue 28111)

Changes in 1.611 (2015/04/26)

- Descriptor.getId fix in 1.610 introduced a regression
  affecting at least the Copy Artifacts plugin. (issue 28011)
- Search box did not work well inside folders. (issue 24433)
- Revert changes in 1.610 made to resolve issue 10629. (issue
  28012, issue 28013)
- Advertise JNLP slave agents to the correct host name, even in
  the presence of a reverse proxy. (issue 27218)
- Advertised TCP slave agent port number is made tweakable.
- Correctly identify Channel listener onClose propagated
  exceptions (issue 28062)

Changes in 1.610 (2015/04/19)

- Since 1.598 overrides of Descriptor.getId were not correctly
  handled by form binding, breaking at least the CloudBees
  Templates plugin. (issue 26781)
- Reverted in 1.611, reimplemented in 1.627. Archiving of large
  artifacts. Tar implementation cannot handle files having a
  size >8GB. (issue 10629)
- The queue state was not updated between scheduling builds.
  (issue 27708, issue 27871)

Changes in 1.609 (2015/04/12)

- When concurrent builds are enabled, artifact retention policy
  may delete artifact being used by an actually running build.
  (issue 27836)
- Documentation for $BUILD_ID did not reflect current reality
  (issue 26520)

Changes in 1.608 (2015/04/05)

- PeepholePermalink RunListenerImpl oncompleted should be
  triggered before downstream builds are triggered. (issue 20989)
- NPE when /script used on offline slave. (issue 26751)
- Make periodic workspace cleanup configurable through system
  properties. (issue 21322)
- Do not offer to restart on /restart and /safeRestart if the
  configuration does not support it. (issue 27414)
- Polling was skipped while quieting down, resulting in ignored
  commit notifications. This behavior was changed. (issue 26208)
- Starting this version, native packages are produced from the
  new repository. File issues related to installers and packages
  in the packaging component.

Changes in 1.607 (2015/03/30)

- JSONP served with the wrong MIME type and rejected by Chrome.
  (issue 27607)
- Security file pattern whitelist was broken for some plugins
  since 1.597. (issue 27055)
- Lock an Executor without creating a Thread (issue 25938)
- Hide flyweight master executor when ≥1 heavyweight executors
  running as subtasks (issue 26900)
- Way to mark an Executable that should not block
  isReadyToRestart (issue 22941)
- Refactor the Queue and Nodes to use a consistent locking
  strategy (issue 27565) Note that this change involved moving
  slave definitions outside the main config.xml file. If you
  downgrade after this, your slave settings will be lost.
- Makes the Jenkins is loading screen not block on the
  extensions loading lock (issue 27563)
- AdjunctManager: exception upon startup (issue 15355)
- Removes race condition rendering the list of executors (issue 27564)
- Tidy up the locks that were causing deadlocks with the once
  retention strategy in durable tasks (issue 27476)
- Remove any requirement from Jenkins Core to lock on the Queue
  when rendering the Jenkins UI (issue 27566)
- Prevent lazy loading operation when obtaining label
  information. (issue 26391)
- Ensure that the LoadStatistics return a self-consistent
  result. (issue 21618)
- Build reports to be running for 45 yr and counting. (issue 26777)

Changes in 1.606 (2015/03/23)

- Jenkins CLI doesn't handle arguments with equal signs (issue 21160)
- master/slave communication ping reacts badly if a clock jumps.
  (issue 21251)
- JNLP slaves can now connect to master through HTTP proxy.
  (issue 6167)
- Fixes to several security vulnerabilities. (advisory)

Changes in 1.605 (2015/03/16)

- Integrate Stapler fix for queue item API always returning 404
  Not Found since 1.601. (issue 27256)

Changes in 1.604 (2015/03/15)

- Added a switch (-Dhudson.model.User.allowNonExistentUserToLogin=true)
  to let users login even when the record is not found in the
  backend security realm. (issue 22346)
- Avoid deadlock when using build-monitor-plugin. (issue 27183)
- As security hardening, mark "remember me" cookie as HTTP only
  (issue 27277)
- Show displayName in build remote API. (issue 26723)

Changes in 1.602 (2015/03/08)

- Show Check Now button also on Available and Updates tabs of
  plugin manager. (PR 1593)

Changes in 1.601 (2015/03/03)

- Regression with environment variables in 1.600. (issue 27188)
- Errors with concurrent matrix builds since 1.597. (issue 26739)
- Errors in Dashboard View plugin since 1.597. (issue 26690)
- Robustness improvement when setting up Archive Artifacts
  programmatically. (issue 25779)
- Map Queue.Item.id onto Run (issue 27096)

Changes in 1.600 (2015/02/28)

- Fixes to multiple security vulnerabilities.
- JDK auto-installer for Mac OSX
- An error thrown in the wrong place in a publisher could result
  in a failure to release a workspace lock. (issue 26698)
- Cache node environment to prevent unnecessary channel usage
  (issue 26755)
- Build history text field wrap fails when containing markup
  (issue 26406)
- Maven build step fail to launch mvn process when special chars
  are present in build variables. (issue 26684)

Changes in 1.599 (2015/02/16)

- Errors in some Maven builds since 1.598. (issue 26601)
- Build format change migrator in 1.597 did not work on some
  Windows systems. (issue 26519)
- Remote FilePath.chmod fails with ClassNotFoundException:
  javax.servlet.ServletException. (issue 26476)
- Added SimpleBuildWrapper API. (issue 24673)
- Animated ball in job's build history widget won't open Console
  Output. (issue 26365)
- Show job name in Schedule Build column tool tip. (issue 25234)
- Allow OldDataMonitor to discard promoted-build-plugin
  Promotions (issue 26718)

Changes in 1.598 (2015/01/25)

- FutureImpl does not cancel its start future. (issue 25514)
- Flyweight tasks were under some conditions actually being run
  on heavyweight executors. (issue 10944) (issue 24519)
- Folder loading broken when child item loading throws
  exception. (issue 22811)
- Plugin icon images were broken when running Jenkins from a UNC
  path. (issue 26203)
- Allow admin signup from /manage as well. (issue 26382)
- Amend JAVA_HOME check to work with JDK 9. (issue 25601)
- CLI list-jobs command should display raw name, not display
  name, where they differ. (issue 25338)
- Show queue item parameters in tool tip. (issue 22311)
- Better support functional tests from Gradle-based plugins.
  (issue 26331)
- Allow users to delete builds even if they are supposed to be
  kept. (issue 26281)
- Fixed side/main panel scrolling issues. (issue 26312, issue
  26298, issue 26306)
- Improve error reporting when channel closed during build.
  (issue 26411)
- Fixed CodeMirror issue with height and re-enabled syntax
  highlighting in shell build step. (issue 25455, issue 23151)

Changes in 1.597 (2015/01/19)

- JENKINS_HOME layout change: builds are now keyed by build
  numbers and not timestamps. See Wiki for details and
  downgrade. (issue 24380)
- Do not throw exception on /signup when not possible. (issue 11172)
- Tool installer which downloads and unpacks archives should not
  fail the build if the tool already exists and the server returns
  an error code. (issue 26196)
- Fingerprint compaction aggravated lazy-loading performance
  issues. (issue 19392)
- Possible unreleased workspace lock if SCM polling fails during
  setup. (issue 26201)
- Misleading description of the 'workspace' permission. (issue 20148)
- Run parameters should show display name if set, rather than
  build numbers. (issue 25174)
- Add range check for H(X-Y) syntax. (issue 25897)

Changes in 1.596 (2015/01/04)

- Build page was broken in Hungarian localization while
  building. (issue 26155)
- Allow breaking label and node lists. (issue 25989)

Changes in 1.595 (2014/12/21)

- Spurious warnings in the log after deleting builds. (issue 25788)
- Master labels disappear when system configuration is updated.
  (issue 23966)
- Updated icon-set dependency to version 1.0.5. (issue 25499,
  issue 25498)

Changes in 1.594 (2014/12/14)

- After recent Java security updates, Jenkins would not
  gracefully recover from a deleted secrets/master.key.
  (issue 25937)
- Restrict where this project can be run regressed in 1.589 when
  using the ClearCase plugin. (issue 25533)

Changes in 1.593 (2014/12/07)

- Dynamic Single/Multi line Build History layout. (issue 25381,
  issue 25393, issue 24687, issue 24589)

Changes in 1.592 (2014/11/30)

- Performance problems on large workspaces associated with
  validating file include patterns. (issue 25759)

Changes in 1.591 (2014/11/25)

- Always use forward slashes in path separators during in ZIP
  archives generated by Directory Browser (issue 22514)

Changes in 1.590 (2014/11/16)

- Basic Authentication in combination with Session is broken
  (issue 25144)
- Some plugins broken since 1.584 if they expected certain
  events to be fired under a specific user ID. (issue 25400)
- Fixed various real or potential resource leaks discovered by
  Coverity Scan (pull request 1434)
- API changes: Expose
  for plugins. (pull request 1456)
- API method to aggregate multiple FormValidations into one.
  (pull request 1458)
- API method to get non-null Jenkins instance with internal
  validation (issue 23339)

Changes in 1.589 (2014/11/09)

- JNA error in WindowsInstallerLink.doDoInstall. (issue 25358)
- Restore compatibility of label assignment for some plugins.
  (issue 25372)

Changes in 1.588 (2014/11/02)

- Unnecessarily slow startup time with a massive number of jobs.
  (issue 25473)
- Custom workspace option did not work under some conditions.
  (issue 25221)

Changes in 1.587 (2014/10/29)

- Queue didn't always leave a trail for cancelled items properly
  (issue 25314)
- JNA update for deprecated JNA-POSIX library. (issue 24527)
- Introduced slave-to-master security mechanism to defend a
  master from slaves. (SECURITY-144)

Changes in 1.586 (2014/10/26)

- Bumping up JNA to 4.10. This is potentially a breaking change
  for plugins that depend on JNA 3.x (issue 24521)
- Prevent empty file creation if file parameter is left empty.
  (issue 3539)
- Servlet containers may refuse to let us set secure cookie
  flag. Deal with it gracefully. (issue 25019)
- Existing FileParameters should be handled as different values
  to avoid merging of queued builds (issue 19017)

Changes in 1.585 (2014/10/19)

- Build health computed repeatedly for a single Weather column
  cell. (issue 25074)
- Missing workspace page should use 404 status code. (issue 10450)
- Fixed memory leak occurring on pages producing incremental
  output with a progress bar. (issue 25081)
- Updated SSH Slaves plugin to 1.8.
- Due to the reaction, default umask in debian package is set
  back to 022 (issue 25065)
- Greater-than characters are not escaped in HTML outputs like
  e-mails (issue 16184)
- Thread starvation from OldDataMonitor. (issue 24763)
- Integer overflow in quiet-down timeout calculation (issue 24914)
- Don't put session IDs in URLs even when cookies are disabled.
  (issue 22358)
- Show keep build log reason in tool tips (pull request 1422)
- Do not disable projects, which do not support such operation
  (like Matrix configurations) (issue 24340)
- Improved the scalability of SSH slaves plugin caused by global
  lock in SecureRandom (issue 20108)
- Incorporated a fix for "Poodle" (CVE-2014-3566) vulnerability
  in the HTTPS connector of "java -jar jenkins.war" (issue 25169)

Changes in 1.584 (2014/10/12)

- Diagnostic thread names are now available while requests are
  still in filters
- When killing Windows processes, check its critical flag to
  avoid BSoD (issue 24453)
- When a user could not see a view, but could delete/move/rename
  jobs contained in it, the view was not properly updated.
  (issue 22769)
- Use POST for cancel quiet down link. (issue 23020, issue 23942)
- Do not consider port in use error to be a successful start of
  Jenkins on Debian. (issue 24966)

Changes in 1.583 (2014/10/01)

- Fixes to multiple security vulnerabilities:
  SECURITY-87/CVE-2014-3661 (anonymous DoS attack through CLI handshake)
  SECURITY-110/CVE-2014-3662 (User name discovery)
  SECURITY-127&128/CVE-2014-3663 (privilege escalation in job configuration \ 
  SECURITY-131/CVE-2014-3664 (directory traversal attack)
  SECURITY-138/CVE-2014-3680 (Password exposure in DOM)
  SECURITY-143/CVE-2014-3681 (XSS vulnerability in Jenkins core)
  SECURITY-150/CVE-2014-3666 (remote code execution from CLI)
  SECURITY-155/CVE-2014-3667 (exposure of plugin code)
  SECURITY-159/CVE-2013-2186 (arbitrary file system write)
  SECURITY-149/CVE-2014-1869 (XSS vulnerabilities in ZeroClipboard)
  SECURITY-113/CVE-2014-3678 (XSS vulnerabilities in monitoring plugin)
  SECURITY-113/CVE-2014-3679 (hole in access control)

Changes in 1.582 (2014/09/28)

- Channel reader thread can end up consuming 100% CPU. (issue 23471)
- CancelledKeyException can cause all JNLP slaves to disconnect
  (and the problem remains until restart). (issue 24050)
- Consider dynamic label assignments for label load statistics.
  (issue 15576)
- Use Windows line endings for batch file build steps. (issue 7478)
- Reduced the logging clutter about the lack of @ExportedBean.
  (issue 24458)
- Character encoding problem in form submission when file
  parameters are present. (issue 11543)
- Improved error handling and "in-progress" UI feedback in JNLP
  slave to service installation.
- Winstone 2.4: reverse proxy support in the logging, request
  header size limit control, and different private key password
  from keystore password. (issue 23665)
- umask setting on Debian did not work. (pull 1397)
- handle job move when buildDir is configured to a custom
  location. (issue 24825)

Changes in 1.581 (2014/09/21)

- Use slightly larger Jenkins head icon. (pull 1360)
- Allow setting a system property to disable X-Frame-Options
  header. (issue 21881)
- Explicitly set background color of various UI elements to
  white. (issue 24625)
- Wrong Hebrew localization resulted in broken console output
  since 1.539. (issue 24614)

Changes in 1.580 (2014/09/14)

- Health reports saved to disk before 1.576 showed no weather
  icon since that version. (issue 24407)
- Renaming jobs fails if parent dir of custom build records
  directory does not exist. (issue 19764)
- Add editable descriptions for label atoms. (issue 6153)

Changes in 1.579 (2014/09/06)

- ConcurrentModificationException in
  RunListProgressiveRendering. (issue 21437)
- StackOverflowError for some old SCMListeners. (issue 23522)
- Job status page shows "Build has been executing for null on
  master" for flyweight tasks. (issue 20307)
- File locking issue when running functional tests on Windows.
  (issue 21977)
- Tolerate ?auto_refresh in reverse proxy check on /manage page.
  (issue 24014)
- Debian package now sets umask to 027 by default for better
  default privacy. See /etc/default/jenkins to change this.
  (issue 24514)

Changes in 1.578 (2014/08/31)

- Added 'no-store' to the 'Cache-Control' header to avoid
  accidental information leak through local cache backup
  (issue 24337)
- Deadlock in OldDataMonitor. (issue 24358)
- Use absolute links for computer sidepanel items so they don't
  break as easily. (issue 23963)

Changes in 1.577 (2014/08/24)

- Failure to migrate legacy user records in 1.576 properly broke
  Jenkins, resulted in NullPointerExceptions. (issue 24317)
- Jenkins did not correctly display icons contributed by plugins
  in 1.576. (issue 24316)
- Moved JUnit reporting functionality to a plugin. (issue 23263)
- Fixed ClassCastException on org.dom4j.DocumentFactory (issue 13709)
- Jenkins now logs warnings when it fails to export objects to
  XML/JSON. This can result in a lot of log output in case of
  heavy API use. We recommend that API users use the ?tree
  parameter instead of ?depth.
- Allow BuildStep to work with non-AbstractProject (issue 23713)
- Improved class loading performance when using Groovy. (issue 24309)
- Prevent NullPointerException from Executor.run. (issue 24110)
- Make the lifetime of queue items cache configurable. (issue 19691)
- Support --username/--password authentication for CLIMethod
  based CLI commands. (issue 23988)
- Don't link to /safeRestart after update if Jenkins cannot
  restart itself. (issue 24032)
- Properly consider busy executors when reducing a node's
  executor count. (issue 24095)

Changes in 1.576 (2014/08/18)

- Worked around "incompatible InnerClasses attribute" bug in IBM
  J9 VM (issue 22525)
- Fixed a file descriptor leak with CLI connections. (issue 23248)
- Fixed a regression that removed all users with uppercase
  letters in the user name since 1.566. (issue 23872)
- Improving security of set-build-parameter and set-build-result
  CLI commands. (issue 24080)
- Startup can be broken by deeply recursive causes in build
  records. (issue 24161)
- Displaying unabridged test result trend on project index page
  defeated lazy loading. (issue 23945)
- Added support for host:port format in X-Forwarded-Host header.
  (commit 19d8b80)
- API to launch processes without printing the command line.
  (issue 23027)
- Added option to increase impact of test failures on the
  weather report. (issue 24006)
- Modernized sidebar <l:pane>s and making them work better with
  new layout. (issue 23810, issue 23829)
- Add option to CLI to skip key authentication (e.g. when
  there's a password on the default key). (issue 23970)
- Modernize tabBar and bigtable. Makes the project view look
  better. Same for Plugin Manager. (issue 24030)

Changes in 1.575 (2014/08/10)

- Move option to fingerprint artifacts to Archive the Artifacts,
  Advanced options. (commit f43a450)
- Move option to keep dependencies (builds) from Fingerprint to
  Advanced Project Options. (commit a8756c6)
- Improved validation of Build Record Root Directory setting.
  (issue 14538)
- Indicate which node the workspace being viewed is on.
  (issue 23636)
- Show full project name for projects in folders. (issue 22971)
- UI redesign: Shrink the top bar, change logo, changed links in
  top bar.
- Killing processes started by builds on Unix was broken as of
  1.553. (issue 22641)
- Should not stop a build from finishing just to compute JUnit
  result difference to a prior build which is still running.
  (issue 10234)
- Do not show link to System Information page for offline
  slaves, make page more robust when offline. (issue 23041)
- Fix link to SCM polling log from downstream job cause.
  (issue 18048)
- Autocomplete logger names. (issue 23994)
- UI redesign: Fix links in header bar when logged in.
- Do not show changes for the build at the lower bound of the
  changes list. (issue 18902)
- Restrict access to SCM trigger status page to administrators.
  (pull 1282)

Changes in 1.574 (2014/07/27)

- UI redesign: Use Helvetica as default font (issue 23840)
- Synchronization issue during tool installation (issue 17667)
- Use native encoding for filenames in downloaded ZIPs. (issue 20663)

Changes in 1.573 (2014/07/20)

- UI redesign: Changed element alignment, removed sidebar link
  underlines (pull 1314, pull 1316)
- Word-break links in build logs to preserve page width (pull 1308)
- Log rotation fails with "...looks to have already been
  deleted" (issue 22395)
- Fixed unnecessary eager loading of build records in certain
  code path. (issue 18065)

Changes in 1.572 (2014/07/13)

- UI redesign: Changed header, made layout <div>-based and
  responsive (pull 1310)
- Improved handling of X-Forwarded-* headers (issue 23294)
- Do not offer automatic upgrade if war parent directory is not
  writable (issue 23683)

Changes in 1.571 (2014/07/07)

- IllegalArgumentException from AbstractProject.getEnvironment
  when trying to get environment variables from an offline
  slave. (issue 23517)
- Overall.READ is sufficient to access
  /administrativeMonitor/hudsonHomeIsFull/ (SECURITY-134)
- Master computer is not notified using ComputerListener (issue 23481)

Changes in 1.570 (2014/06/29)

- Add CLI commands to add jobs to and remove jobs from views
  (add-job-to-view, remove-job-from-view). (issue 23361)
- UI improvements / refreshing. (issue 23492)
- Failed to correctly resave a project configuration containing
  both a forward and a reverse build trigger. (issue 23191)
- Long log output resulted in missing Console link in popup.
  (issue 14264)
- HTTP error 405 when trying to restart ssh host. (issue 23094)
- Move 'None' Source Code Management option to top position.
  (issue 23434)
- Fixed NullPointerException when ArctifactArchiver is called
  for a build with the undefined status. (issue 23526)
- Allow disabling use of default exclude patterns in
  ArctifactArchiver (.git, .svn, etc.). (issue 20086)
- Fixed NullPointerException when "properties" element is
  missing in a job's configuration submission by JSON (issue 23437)

Changes in 1.569 (2014/06/23)

- Jenkins can now kill Win32 processes from Win64 JVMs. (issue 23410)
- Allow custom security realm plugins to fire events to
  SecurityListeners. (issue 23417)
- Recover gracefully if a build permalink has a non-numeric
  value. (issue 21631)
- Fix form submission via the Enter key for Internet Explorer
  version 9. (issue 22373)
- When Jenkins had a lot of jobs, submitting a view
  configuration change could overload the web server, even if
  few of the jobs were selected. (issue 20327)

Changes in 1.568 (2014/06/15)

- Fixed JNLP connection handling problem (issue 22932)
- Fixed NullPointerException caused by the uninitialized
  ProcessStarter environment in build wrappers (issue 20559)
- Support the range notation for pagination in API (issue 23228)
- Incorrect redirect after deleting a folder. (issue 23375)
- Incorrect links from Build History page inside a folder.
  (issue 19310)
- API changes allowing new job types to use SCM plugins. (issue 23365)
- API changes allowing to create nested launchers (DecoratedLauncher)
  (issue 19454)

Changes in 1.567 (2014/06/09)

- Fixed a reference counting bug in the remoting layer.
- Avoid repeatedly reading symlinks from disk to resolve build
  permalinks. (issue 22822)
- Show custom build display name in executors widget. (issue 10477)
- CodeMirror support for shell steps broke initial configuration.
  (issue 23151)
- Jenkins on Linux can not restart after plugin update when
  started without full path to java executable (issue 22818)
- Fixed NullPointerException when a build triggering returns
  null cause (issue 20499)
- Fixed NullPointerException on plugin installations when
  invalid update center is set (issue 20031)
- Use DISABLED_ANIME icon while building a disabled project
  (issue 8358)
- Process the items hierarchy when displaying the Show Poll
  Thread Count option (issue 22934)
- Compressed output was turned on even before Access Denied
  errors were shown for disallowed Remote API requests, yielding
  a confusing error. (issue 17374) (issue 18116)
- Properly close input streams in FileParameterValue (issue 22693)
- Incorrect failure age in the JUnit test results (issue 18626)
- Fixed deletion links for JVM Crash error logs (issue 22617)
- Distinguish "nodes for label offline" from "no nodes for label"
  (issue 17114)
- Add causes to queue item tool tip (issue 19250)
  JENKINS_HTTPS_KEYSTORE_PASSWORD options to Jenkins sysconfig
  file (issue 11673)
- RPM: Do not install jenkins.repo file (issue 22690)
- Don't advertise POSTing config.xml on master (issue 16264)
- Handle null parameter values to avoid massive executor deaths
  (issue 15094)
- Added an option to archive artifacts only when the build is
  successful (issue 22699)

Changes in 1.566 (2014/06/01)

- Configurable case sensitivity mode for user IDs. (issue 22247)
- Extension point for project naming strategies did not work
  from actual plugins. (issue 23127)
- Introduce directly modifiable views (issue 22967)
- Jenkins cannot restart Windows service (issue 22685)
   2015-11-03 04:29:40 by Alistair G. Crooks | Files touched by this commit (1995)
Log message:
Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2014-10-25 17:04:06 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Update to 1.565.3 from 1.532.1

What's new in 1.565.3 (2014/10/01)

    Plugin code can be downloaded by anyone with Overall/Read (SECURITY-155)
    Stored passwords can be read out from build with parameters page (SECURITY-138)
    Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in \ 
ZeroClipboard before 1.3.2 as included with Jenkins (SECURITY-149)
    Unauthenticated users can make Jenkins behind Apache unresponsive (SECURITY-87)
    Users with limited Job/Configure can replace other jobs they have no access \ 
to (if they know the name) (SECURITY-128)
    CLI calls are causing file descriptor leaks. (issue 23248)
    Users with limited Job/Configure can change the kind of job via CLI, getting \ 
access to denied job types (SECURITY-127)
    Test result trend breaks lazy-loading (issue 23945)
    Unable to kill a job which is running (issue 17667)
    XSS weakness in load-statistics (SECURITY-143)
    Job is removed from ListView after rename (issue 23893)
    set-build-result and set-build-parameter do insufficient checks (issue 24080)
    Missing no-sniff header (SECURITY-122)
    Directory traversal (SECURITY-131)
    "incompatible InnerClasses attribute" error in IBM J9 VM (issue 22525)
    Arbitrary file system write via DiskFileItem deserialization (SECURITY-159)
    Missing SecureFlag cookie (SECURITY-120)
    Prevent (private security realm) usernames from being guessed (SECURITY-79 \ 
redux!) (SECURITY-110)
    Deadlock in OldDataMonitor (issue 24358)
    RemoteInvocationHandler.RPCRequest allows invoking any method on an exported \ 
object event those not exposed by the exported interface (SECURITY-150)

What's new in 1.565.2 (2014/09/03)

    Jenkins needs to check whether the war's directory is writeable before \ 
offering to upgrade (issue 23683)
    AbstractLazyLoadRunMap.iterator() calls .all() (issue 18065)
    Jenkins no longer kills running processes after job fails (issue 22641)
    HTTP error 405 when trying to restart ssh host (issue 23094)
    Run.delete (from LogRotator) failing with "...looks to have already \ 
been deleted" (issue 22395)
    file name encoding broken in zip archives (issue 20663)
    Kill win32 processes from win64 JVMs (issue 23410)

What's new in 1.565.1 (2014/07/30)

    Queue.maintain does disk I/O via PeepholePermalink.resolve (issue 22822)
    “Form too large” errors submitting view configurations with many jobs \ 
(issue 20327)
    NPE on plugin install (issue 20031)
    Link to the console output missing in popup when log >200Kb (issue 14264)
    Parameters: NPE in canTake() procedures may kill all executors (issue 15094)
    NPE from AbstractBuild$AbstractBuildExecution.run (issue 23277)
    broken ProjectNamingStrategy Extension (issue 23127)
    Move DecoratedLauncher from the custom-tools plugin to the Jenkins Core \ 
(issue 19454)
    hudson.Launcher:ProcStarter::envs() may throw NPE (issue 20559)
    Resource leak in hudson.model.FileParameterValue (issue 22693)
    ReverseBuildTrigger.threshold not consistently saved (issue 23191)
    AccessRestriction on SecurityListener methods (issue 23417)
    After deleting folder, get 404 (issue 23375)
    email-ext plugin doesn't handle tokens when slave has gone offline: IAE from \ 
AbstractProject.getEnvironment (issue 23517)
    Jenkins cannot restart Windows service (issue 22685)
    Rules for showing/hiding SCMTrigger.pollingThreadCount option are broken \ 
(issue 22934)

What's new in 1.554.3 (2014/06/30)

    Queue.maintain does disk I/O via PeepholePermalink.resolve (issue 22822)
    Non-recursive ListViews unnecessarily call owner.getAllItems in getItems \ 
(issue 22720)
    SSH slave connections die after the slave outputs 4MB of stderr, usually \ 
during findbugs analysis (issue 22938)
    Jenkins cannot restart Windows service (issue 22685)

What's new in 1.554.2 (2014/05/30)

    Don't ask for confirmation when it doesn't make any sense (issue 21720)
    On a configure screen that has multiple groups of radio buttons, clicking \ 
the apply button clears all but the last radio group selection (issue 22570)
    Optimize creation of relative links to jobs (issue 18364)
    Jenkins asks for confirmation before leaving edited 'View Configuration' \ 
page (issue 20597)
    OutOfOrderBuildMonitor fails to correct builds with duplicate number (issue \ 
    Computer does not exist returns NPE (issue 21999)
    Last build of project reloaded when project asked for later build (issue 22681)
    After clicking 'Apply' at least once, 'Save' opens a new window (issue 20245)
    hetero-radio should work with multiple instances of the same ui (issue 22583)
    Cannot submit configuration after removing groovy step (issue 22582)
    No autocompletion and NullPointerException when using 'Copy Existing Job' \ 
(issue 22142)

What's new in 1.554.1 (2014/04/30)

    NPE if trying to install a plugin from the update center and either the \ 
update source or the plugin contains a '.' in its name (issue 22080)
    Download update center from master by default (issue 19081)
    OutOfMemory due to unbounded storage in OldDataMonitor (issue 19544)
    Very slow resource loading from UberClassLoader (issue 21579)
    Jetty exploding war to /tmp is a bad idea (issue 22442)
    Performance issue with search box (issue 21969)
    ArrayIndexOutOfBoundsException during Jenkins.doConfigSubmit; need XStream \ 
1.4.6 (issue 18537)
    NullPointerException when trying to mark slave temporarily offline (issue 21875)
    Build queue is not filtered after progress updated (issue 20500)
    copy-job permission checks wrong (issue 22262)

What's new in 1.532.3 (2014/04/11)

    Replace description in error dialog instead of appending (issue 21457)
    NPE from xstream.core.JVM.isOpenJDK (issue 21183)
    WorkspaceCleanupThread does not handle folders (issue 21023)
    Copy Artifact's fingerprinting creates second \ 
hudson.tasks.Fingerprinter_-FingerprintAction section with just the artifacts \ 
copied (issue 17606)
    /login offers link to /opensearch.xml which anonymous users cannot retrieve \ 
(issue 21254)
    Miscellaneous exceptions in config.xml can prevent entire job from loading \ 
(issue 21024)
    Jobs named "." can be created, but not built, configured, \ 
accessed, ... (issue 21639)
    DirectoryBrowserSupport.buildChildPaths does quadratic number of calls to \ 
check whether entries are directories (issue 21780)
    ZIP file download generates corrupt zip file (issue 20345)
    Update credentials plugin to 1.9.4 (issue 21820)
    Apply button does not work in IE Compat View (issue 19826)
    Deadlock while parallel deletion/rename of jobs (issue 19446)

What's new in 1.532.2 (2014/02/14)

    CannotResolveClassException breaks loading of entire containing folder, not \ 
just one job (issue 20951)
    Default markup formatter permits offsite-bound forms (SECURITY-88)
    Using jenkins-cli connecting to HTTPS port fails due to hostname mismatch in \ 
certificate (issue 12629)
    ApiTokenFilter does not check that the user actually exists (SECURITY-89)
    HTTP two-way remoting does not work (jenkins-cli.jar without JNLP) (issue 20128)
    Slave launcher fails after NoClassDefFoundError: Could not initialize class \ 
jenkins.model.Jenkins$MasterComputer (issue 19453)
    StreamCorruptedException (issue 8856)
    UI Redressing/ClickJacking (SECURITY-80)
    Fail to run 'groovysh' in CLI due to insufficient permission (issue 17929)
    Loading projects too slow because of File.isDirectory calls (issue 21078)
    HTML metacharacters not escaped in log messages (issue 20800)
    Channel's executorService's pool should have a name (issue 19004)
    ListView.expand throws ClassCastException: … cannot be cast to \ 
hudson.model.TopLevelItem (issue 20415)
    Stored XSS (SECURITY-74)
    Session Fixation (SECURITY-75)
    /heapDump offered to anyone with ADMINISTER (SECURITY-73)
    Username Guessing/Enumeration (SECURITY-79)
    RingBufferLogHandler throws ArrayIndexOutOfBoundsException after \ 
int-overflow (issue 9120)
    Iframe Injection (SECURITY-76)
    Reflected XSS in Cookie (SECURITY-77)
    l:breakable mishandles HTML metacharacters (issue 20928)
    Start JNLP slave ignores jar-cache flag (issue 20093)
    Stored passwords can be read out from UIs with password fields (SECURITY-93)
    Too many open files upon HTTP listener init or shutdown (issue 14336)
    Extension point for secure users of Api (issue 16936)
    'Apply' error screens don't work (issue 20772)
    Workspaces seem to be removed prematurely on concurrent jobs (issue 10615)
    Job creators are able to edit or destroy the system configuration via the \ 
    Disable\Delete "Remember me on this computer" check box in login \ 
screen (issue 15757)
    SECURITY-55 fails if downstream project not visible (SECURITY-109)
    Builds disappear some time after renaming job (issue 18678)
    Use RunAction2 from TestResultAction (issue 18410)
    java.lang.NoClassDefFoundError: sun/net/www/protocol/jar/JarURLConnection \ 
(issue 20163)
    Remote code execution via xstream deserialization in XML API (SECURITY-105)
    Jenkins on winstone vulnerable to session hijacking (SECURITY-106)
    Jenkins allows anonymous access if the Authorization Strategy can't be \ 
loaded (SECURITY-107)
    you cannot use the cli without giving Overall read to Anonymous (issue 8815)
   2014-01-24 19:42:49 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Update to 1.532.1

What's new in 1.532.1 (2013/11/25)

    Collecting findbugs analysis results occasionally causes ssh slave to go \ 
offline causing job to abort (issue 19619)
    Bytecode compatibility transformer mistakenly corrupts \ 
org.apache.ivy.core.settings.IvySettings.triggers (issue 19383)
    Functions.globalIota overflow (issue 20085)
    Upgrade bundled versions of credentials, ssh-credentials and ssh-slaves \ 
plugins (issue 19945)
    /me/my-views/editDescription may be used by any user to set global \ 
description (issue 18633)
    Missing base directory in ZIP from .../artifact/dir/subdir/*zip*/subdir.zip \ 
(issue 19947)
    After deleting last build, next build of last build is zombie (issue 19920)
    Upgrade error to 1.531: PROXY_HEADER is null (issue 19613)
    Upgrade bundled versions of credentials and ssh-slaves so we can assume \ 
available (issue 20071)
    Collecting finbugs analysis results randomly fails with exception (issue 18879)
    ViewJobFilter.filter expect "All jobs that are possible." but \ 
don't get recursive ones (issue 20143)
    Download build artifacts as zip generates a corrupted file (issue 19752)
    Jenkins redirecting from https to http (issue 10675)
    java.io.IOException: Unexpected termination of the channel (issue 18836)
    When installing a plugin and the needed dependencies have compatibility \ 
issues, warn the user (issue 19739)
    Installing a plugin with optional dependencies doesn't upgrade the optional \ 
dependencies when needed (issue 19736)
    After upgrade from 1.519 to 1.526 -> NumberFormatException occurs during \ 
maven 3 build (issue 19251)

What's new in 1.509.4 (2013/10/09)

    Configurable loggers should capture messages on slaves (issue 18274)
    @RequirePOST and similar should send a 405 (issue 16918)
    Using jenkins-cli connecting to HTTPS port fails due to hostname mismatch in \ 
certificate (issue 12629)
    [XStream] ConcurrentModificationException from DefaultConverterLookup (issue \ 
    @QueryParameter with @RelativePath broken (issue 18776)
    fingerprint are truncated (issue 19515)
    Environment variable replacement/resolving (issue 16660)
    failed to archive slave artifacts. Unexpected end of ZLIB input stream \ 
(issue 19473)
    winstone.ClientSocketException: Failed to write to client (issue 10524)
    /log/all polluted with FINE* messages from other loggers (issue 18959)
    Incorrect redirect after editing view with Unicode name (issue 18373)
    Flyweight jobs and zero executors (issue 7291)
    ERR_CONTENT_DECODING_FAILED on Custom Views with Project-based Matrix \ 
Authorization (issue 15437)
    Buttons do not work in IE 11 (issue 19171)
    CLI login command fails on Windows (issue 19192)
    Problems with "Latest Test Result" and "Aggregated Test \ 
Result" links (issue 9637)
    Exception while trigger downstream projects (issue 17247)
    Maven 2 jobs fail (exception in MavenFingerprinter) (issue 18441)
    Outdated JRuby libs (issue 14351)
    Deadlock (issue 18589)
    When copying folder, display names of contained jobs are gratuitously \ 
cleared (issue 18074)
    Incorrect redirection after delete of job in folder in view (issue 17575)
    Javadoc project action yields HTTP 404 (issue 19168)
    Memory exhaustion parsing large test stdio from Surefire (issue 15382)
    With lazy-build loading estimated build duration may become expensive (issue \ 
    Can't build using maven 3.1.0 (issue 15935)
    Cannot create a custom logger matching any namespace (issue 17983)
    Clean up fingerprint records that correspond to the deleted build recods \ 
(issue 18417)
    "projects tied to slave" shows unrelated maven module jobs (issue \ 
    hudson.security.AccessDeniedException2: anonymous is missing the Administer \ 
permission (issue 15578)
    ”My Views" links leads to 404 Not Found (issue 17317)
    Some jobs not loaded after jenkins restart: java.lang.NoSuchFieldError: \ 
triggers (issue 18677)
    New lazy loading permalinks can break job.lastStableBuild != null => \ 
job.lastSuccessfulBuild != null (issue 18846)
   2013-09-29 01:19:43 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 1.509.3

What's new in 1.509.3 (2013/09/09)

    Standalone install does not work with Apache + mod_proxy_ajp + SSL (issue 5753)
    Reload configuration from disk no longer works after upgrade to Jenkins \ 
1.512. (issue 17977)
    Build Now link on MultiJob page doesn't work (issue 16974)
    Add descriptions for custom tools (issue 18771)
    Lazy loading causes massive delays after a period of inactivity when loading \ 
dashboard (issue 16023)
    NPE running matrix job (issue 18024)
    LastSuccessful and LastStable symlinks are invalid under Windows (issue 17681)
    IllegalStateException from MavenProject.getParent can break \ 
MavenFingerprinter.recordParents (issue 17775)
    NPE (isEmpty) from main.groovy (issue 15309)
    DependencyClassLoader#getTransitiveDependencies returns disabled plugins \ 
(issue 18654)
    parameter description don't use MarkupFormatter (issue 18427)
    Incompatible signature change in 1.489: AbstractProject.doBuild (issue 18356)
    Display Name is not shown (issue 17715)
    Fingerprint throws exceptions on 1.518 (issue 18337)
    FingerprintAction deserialization leads to NPE (issue 17125)
    update view via REST API doesn't work (issue 17302)
    MavenModuleSetBuild.getResult is expensive (issue 18895)
    Builds disappear from jobs - hudson.util.IOException2: Invalid directory \ 
name - java.text.ParseException: Unparseable date: "39" (issue 15587)
    Outdated JRuby libs (issue 14351)
    Fingerprint performance (issue 16301)
    10,000+ jobs tied to a label make Node index page unusably unresponsive \ 
(issue 18660)
    "Delete Project" link fails with 403 Exception: No valid crumb was \ 
included in the request (issue 18032)
    Manually uploaded plugins are incorrectly unpacked (issue 4543)
    Decorated Launcher Does Not Maintain "isUnix" for RemoteLauncher \ 
(issue 18368)
    Test harness packs copies of Maven into plugin archive (issue 18918)
    All Maven 2 builds fail with java.lang.NoSuchMethodError DigestUtils.md5Hex \ 
(issue 18178)