Subject: CVS commit: pkgsrc/devel/jenkins-lts
From: Ryo ONODERA
Date: 2017-05-21 01:54:19
Message id: 20170520235420.0F990FBE4@cvs.NetBSD.org

Log Message:
Update to 2.46.2

* Do not extract .war file

Changelog:
 What's new in 2.46.2 (2017-04-26)
134 sunny0 cloudy5 stormCommunity reported issues: 1×JENKINS-42194 \ 
1×JENKINS-43666 1×JENKINS-41745

    Important security fixes. (security advisory)
    Non-Remoting-based CLI. (issue 41745, pull 2795, announcement blog post)
    Disable SSH server by default. (issue 33595)
    Computer#addAction would throw an UnsupportedOperationException since \ 
Jenkins 2.30. Such a call site was released in SSH Slaves Plugin 1.15 for \ 
SECURITY-161. (issue 42969, security advisory including SECURITY-161)
    Search results page did not correctly encode query parameters. (issue 42390)
    When validating a cron expression, consider the specified time zone. (issue \ 
43228)
    Do not display a warning when an SCM trigger has no schedules (either to \ 
disable SCM post-commit hooks, or to enable them without polling). (issue 42194)
    Fix performance issue in deduplication of lists of tool installers. (issue 42141)

What's new in 2.46.1 (2017-03-29)
267 sunny8 cloudy1 stormCommunity reported issues: 2×JENKINS-43380 \ 
1×JENKINS-41892 1×JENKINS-43381
Changes since 2.46:

    Prevent file descriptor leaks when Windows Service installer fails to read \ 
data from the service startup log. (issue 42670)
    Update Remoting from 3.5 to 3.7 in order to prevent file descriptor leaks on \ 
agents in the case of multiple connection attempts. (full changelog)
    Exceptions during Jenkins cleanup step should not block restart. (issue 42164)
    Cryptic error message when loading JnlpSlaveAgentProtocol4. (issue 41987)
    Developer: Snapshot builds of plugins that had dependencies on other \ 
snapshot builds were not having their version numbers compared correctly. (issue \ 
41899)
    Do not attempt to find the next occurrence of an impossible date such as \ 
June 31st in validation of trigger schedules. (issue 41864)
    Remoting 3.5: Stability improvements. (issue 41513, issue 41852)
    Remove invalid translations in Slovene (issue 41756)
    Remoting 3.5: Add option to specify the remoting protocol to use on the \ 
client. (issue 41730)
    Use of the remote API to create items in views (/view/…/createItem) \ 
didn't actually add items to views since Jenkins 2.22. (issue 41128)
    Remoting 3.5: Remoting clients now accept lowercase (HTTP 2) headers sent by \ 
reverse proxies. (issue 40710)
    Windows service restart did not retain build queue. (issue 32820)

Notable changes since 2.32.3:

    Update the SSHD module from 1.7 to 1.8. The change disables obsolete \ 
Ciphers: AES128CBC, TripleDESCBC, and BlowfishCBC.
    Enable the JNLP4 agent protocol by default. (issue 40886, upgrade notes)
    Allow defining agent ping interval and ping timeout in seconds. It can be \ 
done via the hudson.slaves.ChannelPinger.pingIntervalSeconds and \ 
hudson.slaves.ChannelPinger.pingTimeoutSeconds system properties. (issue 28245)
    Print stack traces in logical order, with the most important part on top. \ 
(pull 1485)
    Reduce size of Jenkins WAR file by not storing identical copies of \ 
remoting.jar/slave.jar there. (pull 2633)
    Do not print warnings about undefined parameters when \ 
hudson.model.ParametersAction.keepUndefinedParameters property is set to false. \ 
(pull 2687)
    Increase the JENKINS_HOME disk space threshold from 1Gb to 10Gb left. The \ 
warning will be shown only if more than 90% of the disk is utilized. (issue \ 
40749)
    Delete obsolete pinning UI. (issue 34065)
    Use project-specific validation URL for SCM Trigger, so H is handled \ 
correctly in preview. (issue 26977)
    Failure to serialize a single Action could cause an entire REST export \ 
response to fail. Upgraded to Stapler 1.250 with a fix. (issue 40088)
    Add Usage Statistics section to the global configuration to make it easier \ 
to find. (issue 32938)
    Allow groovy CLI command via SSH CLI. (issue 41765)

What's new in 2.32.3 (2017-03-01)
311 sunny1 cloudy13 stormCommunity reported issues: 1×JENKINS-1 \ 
1×JENKINS-27413 1×JENKINS-37998 1×JENKINS-39232 1×JENKINS-3745 \ 
1×JENKINS-123456 1×JENKINS-1234 1×JENKINS-12345 1×JENKINS-1111 \ 
1×JENKINS-1222 1×JENKINS-38834

    Display an informative message, rather than a Groovy exception, when \ 
View#getItems fails. (issue 41825)
    Don't try to set Agent Port when it is enforced, breaking form submission. \ 
(issue 41511)
    Don't add all group names as HTTP headers on "access denied" \ 
pages, possibly breaking reverse proxies due to very large headers. (issue \ 
39402)
    Fix handling of the POST flag in ManagementLinks within the Manage Jenkins \ 
page. (issue 38175)
    IllegalStateException from Winstone when making certain requests with access \ 
logging enabled. (issue 37625)
    Do not fail to write a log file just because something deleted the parent \ 
directory. (issue 16634)

What's new in 2.32.2 (2017-02-01)
92 sunny1 cloudy2 stormCommunity reported issues: 1×JENKINS-41661 \ 
1×JENKINS-33358 1×JENKINS-1

    Important security fixes. (security advisory)
    Support displaying of warnings from the update site in the plugin manager \ 
and in administrative monitors. (issue 40494, announcement blog post)
    Correctly state that Jenkins will refuse to load plugins whose dependencies \ 
are not satisfied in plugin manager. (issue 40666)
    The install-plugin CLI command now correctly installs plugins when multiple \ 
file arguments are specified. (issue 32358)
    Prevent the ClassNotFoundException: javax.servlet.ServletException error \ 
when invoking shell tasks on remote agents. (issue 40863)
    Properties were not passed to Maven command by Maven build step when the \ 
Inject Build Variables flag was not set. (issue 39268)
    Job configuration submission now does not fail when there is no parameters \ 
property. (issue 39700, regression in 1.637)
    Update remoting to 3.4 in order to properly terminate the channel in the \ 
case Errors and Exceptions. (issue 39835)
    Check for Updates button in the Plugin Manager was hidden in the Updates tab \ 
when there was no plugins updates available. (issue 39971)
    SSHD Module: Handshake was failing (wrong shared secret) 1 out of 256 times \ 
due to SSHD-330. (issue 40362)
    Performance: Use bulk change when submitting Job configurations to minimize \ 
the number of sequential config.xml write operations. (issue 40435)
    Jobs were hanging during process termination on the Solaris 11 Intel \ 
platform, regression in 2.20. (issue 40470)
    Restore option value for setting build result to unstable when loading shell \ 
and batch build steps from disk. (issue 40894)
    Update to Winstone 3.2 to support ad-hoc certificate generation on Java 8 \ 
(using unsupported APIs). This option is deprecated and will be removed in a \ 
future release. We strongly recommend you create self-signed certificates \ 
yourself and use --httpsKeyStore and related options instead. (issue 25333)

What's new in 2.32.1 (2016-12-24)
45 sunny0 cloudy5 stormCommunity reported issues: 2×JENKINS-40470 \ 
1×JENKINS-40990
Changes since 2.32:

    Prevent early deallocation of process references by Garbage Collector when \ 
starting a remote process. It was sometimes causing build failures with messages \ 
like FATAL: Invalid object ID 184 iuota=187 and java.lang.Exception: Object was \ 
recently deallocated. (issue 23271)
    Redirect to login page in the case of authorisation error when checking \ 
connectivity to the Update Center. (issue 39741)
    WinP 1.24: Native class now tries loading DLLs from the temporary location. \ 
(issue 20913)
    WinP 1.24: WinP sometimes kills wrong processes when using killRecursive(). \ 
It was likely impacting process termination on Windows agents and sometimes \ 
leading to BSoD. (issue 24453)

Notable changes since 2.19.4:

    Upgrade Remoting to version 3.1 with JNLP4-connect protocol. Compatibility \ 
notes are available here. Notably, it is no longer possible to use JDK 6 for the \ 
Maven project type, as communication with the Maven process uses Remoting, and \ 
it now requires Java 7. (issue 37564, issue 36871, issue 37565)
    Show notification with popup on most pages when administrative monitors are \ 
active. (issue 38391)
    Allow disabling/enabling administrative monitors on Configure Jenkins form. \ 
(issue 38301)
    Ask for confirmation before canceling/aborting runs. (issue 30565)
    Prompt user whether to add the job to the current view. (issue 19142)
    Allow CommandInterpreter build steps to set a build result as Unstable via \ 
the return code. Shell and Batch build steps now support this feature. (issue \ 
23786)
    Internal: Upgrade Stapler library from 1.243 to 1.246 with fixes required \ 
for the Blue Ocean project. Changes are listed here. (pull 2593)

What's new in 2.19.4 (2016-11-23)
31 sunny0 cloudy1 stormCommunity reported issues: 1×JENKINS-38834

    Reduce logging level when the localization resource is missing \ 
ResourceBundleUtil#getBundle(). (issue 39604)
    Custom remoting enable/disable settings were not properly persisted on the \ 
disk and then reloaded. If the option has been configured in Jenkins starting \ 
from 2.16, a reconfiguration may be required. (issue 39465)
    Prevent NullPointerException when rendering \ 
CauseOfInterruption.UserInterruption in build summary pages for non-existent \ 
users. (issue 38721 and issue 37282, regression in 2.14)
    Display transient actions for labels. (issue 38651)
    Performance: Fix the performance of file compress/uncompress operations over \ 
the remoting channel. (issue 38640, issue 38814)
    Add user to restart log message for restart after plugin installation. \ 
(issue 38615)
    Remoting 2.62.2: Improve connection stability by turning on Socket \ 
Keep-alive by default. Keep-alive can be disabled via the -noKeepAlive option on \ 
slave agent process. (issue 38539)
    Remoting 2.62.2: Prevent NullPointerException in Engine#connect() when host \ 
or port parameters are null or empty. (issue 37539)
    Jenkins startup does not fail if one of ComputerListeners throws exception \ 
in the onOnline() handler. (issue 38487)
    Fix handling of the jenkins.model.Jenkins.slaveAgentPort system property, \ 
which was not honored. (issue 38187, regression in 2.0)
    Properly enable submit button on New Item page when choosing item type \ 
first. (issue 36539)
    Add missing internationalization support to ResourceBundleUtil. It fixes \ 
internationalization in Blue Ocean and Jenkins Design Language. (issue 35845)
    Properly handle quotes and other special symbols in item names during form \ 
validation. (issue 31871)
    Prevent deadlocks during modification of node executor numbers (e.g. during \ 
deletion of nodes). (issue 31768)
    Restore automatic line wrapping in Build Step text boxes with syntax \ 
highlighting. (issue 27367)
    Print warnings if none of Tool Installers can be used during the tool \ 
installation. (issue 26940)
    Node build history page was hammering the performance of the Jenkins \ 
instance by spawning parallel heavy requests. Now the information is being \ 
loaded sequentially. (issue 23244)
    Fix JS/browser memory leak on Jenkins dashboard. (issue 10912)

What's new in 2.19.3 (2016-11-16)
13 sunny0 cloudy0 storm
This is an out-of-schedule release addressing the zero day vulnerability \ 
published on November 11, 2016. It does not contain the usual LTS bug fixes, but \ 
only addresses the security vulnerability. There will be another LTS release in \ 
the 2.19.x line containing bug fixes as regularly scheduled.

    Important security fixes (security advisory)
    Allow disabling the Jenkins CLI over HTTP and JNLP agent port by setting the \ 
System property jenkins.CLI.disabled to true.

What's new in 2.19.2 (2016-11-01)
18 sunny0 cloudy0 storm

    Prevent instatination of jenkins.model.Jenkins on agents in the \ 
ProcessKillingVeto extension point. (issue 38534)
    Decrease connection timeout when changing the JNLP agent port via Groovy \ 
system scripts. (issue 38473)
    Fix NullPointerException when descriptor is not in DescriptorList. (issue 37997)
    Print warnings to system logs and administrative monitors when Jenkins \ 
initialization does not reach the final milestone. (issue 37874, diagnostics for \ 
issue-37759)
    Allow the use of custom JSON signature validator for Update Site metadata \ 
signature checks. (issue 36537)
    Failed to load jenkins.util.SystemProperties on slaves. (issue 35184)
    CLI: Connection over HTTP was not working correctly. (issue 34287, \ 
regression in 2.0)
    Use the correct 'gear' icon for Manage Jenkins in Plugin Manager. (issue 34250)
    Build history was not properly updating via AJAX. (issue 31487)
    CLI: Disable the channel message chunking by default. Prevents connection \ 
issues like java.io.StreamCorruptedException: invalid stream header: 0A0A0A0A. \ 
(issue 23232)
    Exclude /cli URL from CSRF protection crumb requirement, making the CLI work \ 
with CSRF protection enabled and JNLP port disabled. (issue 18114)

Files:
RevisionActionfile
1.2modifypkgsrc/devel/jenkins-lts/Makefile
1.2modifypkgsrc/devel/jenkins-lts/PLIST
1.2modifypkgsrc/devel/jenkins-lts/distinfo