Subject: CVS commit: pkgsrc/devel/jenkins
From: Filip Hajny
Date: 2016-09-30 17:13:14
Message id: 20160930151315.05A9DFBD2@cvs.NetBSD.org

Log Message:
Update devel/jenkins to 2.7.4 (LTS)

Jenkins 2 is a drop-in replacement of the Jenkins 1.x series of
releases and fully backward compatible.

2.7.4 (2016-09-08)

- Prevent File descriptor leaks when reading plugin manifests. It
  causes failures during the upgrade of detached plugins on
  Windows.

2.7.3 (2016/08/31)

- Stop A/B testing of the remoting JNLP3 protocol due to the known
  issues. The protocol can be enabled manually via the
  jenkins.slaves.JnlpSlaveAgentProtocol3.enabled system property.
- When checking Update Center, append ?uctest parameter to HTTP
  and HTTPS URLs only.
- Ensure that detached plugins are always at least their minimum
  version.
- Remove trailing space from Hudson.DisplayName in Spanish, which
  resulted in problems with Blue Ocean.
- Make sure that the All view is created.
- Incorrect formatting of messages in the Update Center and Setup
  Wizard.
- Underprivileged users were unable to use the default value of a
  password parameter.
- Properly handle exceptions during global configuration form
  submissions when SCM Retry Count field is empty.
- Do not allow disabled project to be triggered remotely.
- Ensure that SCMDescriptor.newInstance overrides are honored when
  creating new SCM entries.
- Add a cache for user information to fix performance regression
  due to SECURITY-243.
- Performance: Disable AutoBrowserHolder by default to improve the
  changelog rendering performance.
- Honor non-default update sites in setup wizard.

2.7.2 (2016/08/03)

- Always send usage statistics over HTTPs to the new
  usage.jenkins.io hostname.
- Fix issues in file management in hudson.remoting.Launcher (main
  executable class).
- Remoting 2.60: Fix potential file handle leaks during the build
  agent (FKA slave) startup. issue 35190)
- Remoting 2.60: Proper handling of the no_proxy environment
  variable.
- Performance: Improve configuration page load times by removing
  the CodeMirror reloading cycle.
- Remoting 2.60: hudson.Remoting.Engine#waitForServerToBack now
  uses credentials for connection.
- IllegalStateException under certain conditions when reloading
  configuration from disk while jobs are in the queue.
- Allow keeping builds forever with custom build retention
  strategies.
- Remoting 2.60: Make the channel reader tolerant against Socket
  timeouts.

2.7.1 (2016/07/06)

Changes from 2.7:
- Installation Wizard: Do not offer creating new admin user if the
  security is preconfigured.
- API: Make it easier for UpdateSites to tweak the
  InstallationJob.
- Fix the repeatable item delete button layout in Safari.
  Addresses Build Steps and other such configuration items.
- Prevent NullPointerException on startup after update from
  Jenkins 2.5.
- Explicitly declare compatibility of Windows build agent service
  with .NET Framework 4.
- Honor noProxy settings from "Manage Jenkins > Manage Plugins >
  Advanced".
- API: Restrict external usages of
  jenkins.util.ResourceBundleUtil.
- Internal: Upgrade Groovy to 2.4.7 to finalize the fix in Jenkins
  2.7.

Notable changes since 1.651.3:
- More detailed information about the new features in Jenkins 2 on
  the overview page. Note that AJP support has been removed, if
  your service script enables it, Jenkins will fail to start.
- New password-protected setup wizard shown on first run to guide
  users through installation of popular plugins and setting up an
  admin user.
- Plugin bundling overhaul: Bundled plugins are only installed if
  necessary when upgrading, all plugins can be uninstalled.
- Redesigned job configuration form makes it easier to understand
  the option hierarchy, and to navigate the form.
- Richer 'Create Item' form with job icons and job categories
  (once a threshold of three categories has been reached).
- Support encrypted communication between master and JNLP slaves.
- Enable disabled dependencies during plugin installations.
- Force ordering between GPG and jarsigner to ensure correct GPG
  signature.
- Secured Jenkins installations didn't properly save the queue on
  shutdown.
- Upgrade wizard encourages installation of Pipeline related
  plugins when upgrading from 1.x.
- Jenkins now requires Servlet 3.1. Upgraded embedded
  Winstone-Jetty to Jetty 9 accordingly. This removes AJP support
  when using the embedded Winstone-Jetty container.
- Bundled Groovy updated from 1.8.9 to 2.4.7.
- Moved tools configuration from Configure Jenkins to separate
  dialog.
- Added option to prohibit anonymous access to security realm
  "Logged in users can do anything", enable by default.
- Renamed 'slave' to 'agent' on the UI.
- Improvements to inline documentation of numerous form fields in
  Jenkins global and job configuration.
- Change default CSRF protection crumb name to Jenkins-Crumb for
  nginx compatibility.
- Add symbol annotations on core.
- Workaround for unpredictable Windows file locking.
- Remove the historical initialization of CVS changelog parser for
  jobs without explicit SCM definition. Warning! This change may
  potentially cause a regression if a Jenkins plugin depends on
  this default behavior and injects changelogs without SCM.
- Add the JOB_BASE_NAME environment variable to builds (job name
  without path).
- Allow overriding Jenkins UpdateCenter by a custom
  implementation.
- Allow overriding Jenkins PluginManager by a custom
  implementation.
- Allow setting of properties from context.xml and web.xml in
  addition to setting system properties from the command line.
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Make ToolInstallers to follow HTTP 30x redirects.
- Disable JSESSIONID in URLs when running in the JBoss web
  container. It prevents Error 404 due to invalid links starting
  from Jenkins 1.556. More info: WFLY-4782
- Allow starting non-AbstractProject (e.g. Pipeline) jobs from
  CLI.
- Plugin Manager was building incorrect list of bundled plugins
  for nested dependencies.
- Developer API: Add WorkspaceList.tempDir(...).
- Developer API: Allow putting @Initializer annotations on
  instance methods.
- Developer API: Allow specifying custom AbortExceptions.

1.651.3 (2016/06/08)

- Cannot enable disabled dependencies.
- Listed Parameters should reflect what was used when the build
  ran.
- Installation Wizard: SEVERE errors in logs, enabling of the
  enabled plugin.
- Check Updates PeriodicWork dies horribly in the case of invalid
  signature.
- RSS ID duplication for items with same name in different
  folders.
- Remoting, scalability: Ensure that the unexporter cleans up
  whatever it can each GC sweep.
- Remoting: Force class load on UserRequest to prevent deadlocks
  on Windows nodes agents in the case of multiple classloaders.
  (Controlled by hudson.remoting.RemoteClassLoader.force)
- Remoting: Allow Jenkins admins to adjust the socket timeout.
  (Controlled by hudson.remoting.Engine.socketTimeout)
- Remoting: Allow disabling the remoting protocols individually.
  Allows working around compatibility issues like JENKINS-34121.
  (Controlled by PROTOCOL_CLASS_NAME.disabled)

1.651.2 (2016/05/11)

- Important security fixes
- Update remoting to 2.57.
- Pipeline runs not reliably started after restart when using
  Build after other projects are built.
- Prevent badges in build history sidepanel widget from
  overlapping page contents.
- Do not hardcode .bat extension for Maven on Windows.
- Don't store redundant build causes, make list of build causes
  immutable.
- Make context meny link Delete Project work with CSRF protection
  enabled.

1.651.1 (2016/04/14)

Changes from 1.651:
- Honor the option to opt out of usage statistics submission.
- Plugin filters were failing to be removed and blocking restart.
- Do not fail update center check if there are no tool installers
  defined.
- Fix argument masking for sensitive build variables on Windows.
- Under some conditions Jenkins startup could fail because of
  incorrectly linked extensions; now recovering more gracefully.
- Multiple bug fixes related to shutdown sequence.

Notable changes since 1.642.3:
- Move periodic task log files from JENKINS_HOME/*.log to
  JENKINS_HOME/logs/tasks/*.log and rotate them periodically
  rather than overwrite every execution.
- Allow changing the directory used for the extraction of plugin
  archives via the --pluginroot CLI option (also controllable via
  the hudson.PluginManager.workDir system property / context
  parameter. Also document the --webroot CLI parameter in java
  -jar jenkins.war --help
- Unify CLI exit code semantics.
- Add time zone to generation date in footer in most locales.
- The Windows service wrapper now specifies the --webroot argument
  to extract the war file into %BASE%.
- Allow retrying core update when the first attempt failed.
- Allow specifying the default TCP slave agent listener port via
  system property.
- Fix documentation of proxy configuration.
- Retrieve tool installer metadata from all update sites.
- Fields on the parameters page are no longer aligned at the
  bottom.
- Cleanup of CLI error handling and return codes.
- Boot failure hook script did not work,
  WebAppMain.contextDestroyed produces weird errors.
- ArrayIndexOutOfBoundsException when parsing range set.
- Generate new instance identity file when the existing one is
  found to be corrupt.
- Developer: The official parent POM for plugins is now hosted in
  the plugin-pom repository, starting with version 2.0.
- API changes: Add a reusable implementation of IdleOfflineCause
  class.
- Developer: Split test harness into separate artifact.
- Developer: Pass $it to contents of dropdownDescriptorSelector.

1.642.4 (2016/03/31)

- Honor the option to opt out of usage statistics submission.

1.642.3 (2016/03/16)

- Fields on the parameters page are no longer aligned at the
  bottom.
- Under some conditions a build record could be loaded twice,
  leading to erratic behavior.

1.642.2 (2016/02/24)

- Important security fixes
- Don't submit usage statistics while Jenkins hasn't finished
  loading.
- Performance regression when setting JDK installations.
- Renaming a node over another was possible and destroys both
  configurations.
- A CloudProvisioningListener can prevent provisioning of all
  clouds instead of just the targeted cloud.
- GroovyHookScript needs Jenkins to be initialized but should not
  (for e.g. boot failure script).
- Don't show "termination trace" as warning in the log as
  it's not necessarily an error condition.

1.642.1 (2016/01/20)

- No changes compared to 1.642

Files:
RevisionActionfile
1.19modifypkgsrc/devel/jenkins/Makefile
1.14modifypkgsrc/devel/jenkins/PLIST
1.18modifypkgsrc/devel/jenkins/distinfo