From c3e2de57450a6561842ac3e4deb662537739368a Mon Sep 17 00:00:00 2001 From: Mark Waite Date: Sun, 23 Feb 2020 21:20:37 -0700 Subject: [PATCH 1/7] Add changelog 2.222 --- content/_data/changelogs/weekly.yml | 160 ++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 0567c30575c7..3c217028de6c 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6293,6 +6293,166 @@ # pull: 4494 (PR title: Remove references to Azure maven cache) # pull: 4502 (PR title: [JENKINS-61102] Use XMLUnit to fix test) +- version: '2.222' + date: 2020-02-23 + changes: + - type: major rfe + category: major rfe + pull: 4463 + issue: 60920 + authors: + - fqueiruga + - daniel-beck + message: |- + Visual revamp of the layout and icons of the header bar and breadcrumbs. Instances with plugins that depend on details of the Jenkins layout (e.g. Simple Theme Plugin) may experience UI/layout problems. + A new header color scheme can be enabled by setting the system property jenkins.ui.refresh to true. + - type: major rfe + category: major rfe + pull: 4501 + issue: 60266 + authors: + - daniel-beck + - timja + references: + - pull: 4501 + - issue: 60266 + - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc + title: JEP-223 + message: |- + Add a new permission Overall/Manage which allows a user to configure parts of the global Jenkins configuration without having the Overall/Administer permission. + This is an experimental feature, disabled by default, that can be enabled by setting the jenkins.security.ManagePermission system property to true. + - type: major rfe + category: major rfe + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Adds a system read permission, which gives (almost) full read access to the Jenkins instance, this is disabled by default, install the extended-read plugin to activate it. + - type: major rfe + category: developer + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Developer: New checkAnyPermission, hasAnyPermission methods that allow access if a user has one of the supplied permissions, + - type: major rfe + category: developer + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Developer: f:possibleReadOnlyField jelly tag, wraps fields in an if readonly check and then outputs the result as text if the authenticated user only has read access. + N/A is added if the field is empty. + - type: major rfe + category: developer + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Developer: l:hasAdministerOrManage jelly tag, hides the body of the tag if the user doesn't have Jenkins.ADMINISTER or Jenkins.MANAGE. + - type: rfe + category: rfe + pull: 4365 + issue: 60266 + authors: + - mikecirioli + references: + - pull: 4501 + - issue: 60266 + - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc + title: JEP-223 + message: |- + The permissions Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter are now deprecated. + Custom authorization strategy implementations that grant Overall/Administer without implying one or more of these three permissions will no longer work as expected. + Configurations that grant any of these permissions to users without Overall/Administer will no longer work as expected. + - type: rfe + category: rfe + pull: 4509 + authors: + - daniel-beck + message: |- + Remove the ability to have CSRF protection disabled. + Instances upgrading from older versions of Jenkins will have CSRF protection enabled and the default issuer set if they currently have it disabled. + - type: rfe + category: rfe + pull: 4487 + issue: 60966 + authors: + - Dohbedoh + message: |- + Order Admin Monitors in Global Configuration page. + - type: rfe + category: rfe + pull: 4499 + authors: + - daniel-beck + message: |- + Add memory usage monitor to system information page. + - type: bug + category: bug + pull: 4504 + issue: 61121 + authors: + - daniel-beck + message: |- + Fix too many open files error when using resource domain. + - type: rfe + category: localization + pull: 4505 + authors: + - jbleduigou + message: |- + Add french translation for concurrent build help. + - type: rfe + category: internal + pull: 4497 + authors: + - res0nance + message: |- + Improve performance when loading tied jobs. + - type: rfe + category: developer + pull: 4488 + issue: 61046 + authors: + - jtnord + message: |- + Developer: Allow plugins to force an update of an UpdateSite. + + # pull: 4496 (PR title: Follow up optimizations to getAllItems() and getItems()) + # pull: 4508 (PR title: [JENKINS-36720] Spotbugs fix possible NPE) + # pull: 4510 (PR title: [JENKINS-36720] Fix instances of double checked locking) + # pull: 4511 (PR title: [JENKINS-36720] Spotbugs fixes) + # pull: 4514 (PR title: Update note after this was done wrong yet again) + # DO NOT EDIT THIS FILE DIRECTLY ON GITHUB IF YOU HAVE COMMIT ACCESS # ALL CHANGES MUST GO THROUGH PULL REQUESTS # MALFORMED FILE CONTENTS WILL BREAK THE SITE BUILD From b59fdce24a2abbccf83f455b1e943c4238132464 Mon Sep 17 00:00:00 2001 From: Mark Waite Date: Sun, 23 Feb 2020 21:29:04 -0700 Subject: [PATCH 2/7] Use correect pull request reference --- content/_data/changelogs/weekly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 3c217028de6c..6d50a8780b6b 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6385,7 +6385,7 @@ authors: - mikecirioli references: - - pull: 4501 + - pull: 4365 - issue: 60266 - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc title: JEP-223 From f75c314b6b96fec7e65adb48d2c827d41ba360e7 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 24 Feb 2020 09:39:13 +0100 Subject: [PATCH 3/7] Jenkins 2.222: Update the changelog --- content/_data/changelogs/weekly.yml | 114 ++++++++++++++-------------- 1 file changed, 59 insertions(+), 55 deletions(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 6d50a8780b6b..788efeb860bb 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6304,12 +6304,12 @@ - fqueiruga - daniel-beck message: |- - Visual revamp of the layout and icons of the header bar and breadcrumbs. Instances with plugins that depend on details of the Jenkins layout (e.g. Simple Theme Plugin) may experience UI/layout problems. - A new header color scheme can be enabled by setting the system property jenkins.ui.refresh to true. + Revamp the layout and icons of the header bar and breadcrumbs. + Instances with plugins that depend on details of the Jenkins layout (e.g. Simple Theme Plugin) may experience UI/layout problems. + A new experimental header color scheme can be enabled by setting the system property jenkins.ui.refresh to true. - type: major rfe category: major rfe pull: 4501 - issue: 60266 authors: - daniel-beck - timja @@ -6319,12 +6319,11 @@ - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc title: JEP-223 message: |- - Add a new permission Overall/Manage which allows a user to configure parts of the global Jenkins configuration without having the Overall/Administer permission. + Add a new experimental Overall/Manage permission which allows a user to configure parts of the global Jenkins configuration without having the Overall/Administer permission. This is an experimental feature, disabled by default, that can be enabled by setting the jenkins.security.ManagePermission system property to true. - type: major rfe category: major rfe pull: 4506 - issue: 12548 authors: - daniel-beck - timja @@ -6334,50 +6333,7 @@ - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc title: JEP-224 message: |- - Adds a system read permission, which gives (almost) full read access to the Jenkins instance, this is disabled by default, install the extended-read plugin to activate it. - - type: major rfe - category: developer - pull: 4506 - issue: 12548 - authors: - - daniel-beck - - timja - references: - - pull: 4506 - - issue: 12548 - - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc - title: JEP-224 - message: |- - Developer: New checkAnyPermission, hasAnyPermission methods that allow access if a user has one of the supplied permissions, - - type: major rfe - category: developer - pull: 4506 - issue: 12548 - authors: - - daniel-beck - - timja - references: - - pull: 4506 - - issue: 12548 - - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc - title: JEP-224 - message: |- - Developer: f:possibleReadOnlyField jelly tag, wraps fields in an if readonly check and then outputs the result as text if the authenticated user only has read access. - N/A is added if the field is empty. - - type: major rfe - category: developer - pull: 4506 - issue: 12548 - authors: - - daniel-beck - - timja - references: - - pull: 4506 - - issue: 12548 - - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc - title: JEP-224 - message: |- - Developer: l:hasAdministerOrManage jelly tag, hides the body of the tag if the user doesn't have Jenkins.ADMINISTER or Jenkins.MANAGE. + Add an experimental system read permission, which gives (almost) full read access to the Jenkins instance, this is disabled by default, install the extended-read plugin to activate it. - type: rfe category: rfe pull: 4365 @@ -6389,8 +6345,13 @@ - issue: 60266 - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc title: JEP-223 + - url: https://jenkins.io/security/advisory/2017-04-10/#matrix-authorization-strategy-plugin-allowed-configuring-dangerous-permissions + title: 2017-04-10 security advisory for Matrix Authorization plugin + - url: https://jenkins.io/security/advisory/2017-04-10/#role-based-authorization-strategy-plugin-allowed-configuring-dangerous-permissions + title: 2017-04-10 security advisory for Role-Based Authorization plugin message: |- - The permissions Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter are now deprecated. + Deprecate the Overall/RunScripts, Overall/UploadPlugins, and Overall/ConfigureUpdateCenter permissions. + Permissions were announced as dangerous and disabled by default in major authorization plugins in 2017. Custom authorization strategy implementations that grant Overall/Administer without implying one or more of these three permissions will no longer work as expected. Configurations that grant any of these permissions to users without Overall/Administer will no longer work as expected. - type: rfe @@ -6416,6 +6377,13 @@ - daniel-beck message: |- Add memory usage monitor to system information page. + - type: rfe + category: rfe + pull: 4497 + authors: + - res0nance + message: |- + Improve performance when loading tied jobs. - type: bug category: bug pull: 4504 @@ -6423,7 +6391,7 @@ authors: - daniel-beck message: |- - Fix too many open files error when using resource domain. + Fix issue with too many open files error when using resource domain. - type: rfe category: localization pull: 4505 @@ -6432,12 +6400,48 @@ message: |- Add french translation for concurrent build help. - type: rfe - category: internal - pull: 4497 + category: developer + pull: 4506 + issue: 12548 authors: - - res0nance + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 message: |- - Improve performance when loading tied jobs. + Developer: Add new checkAnyPermission, hasAnyPermission methods that allow access if a user has one of the supplied permissions. + - type: rfe + category: developer + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Developer: Add a new f:possibleReadOnlyField jelly tag, wraps fields in an if readonly check and then outputs the result as text if the authenticated user only has read access. + N/A is added if the field is empty. + - type: rfe + category: developer + pull: 4506 + issue: 12548 + authors: + - daniel-beck + - timja + references: + - pull: 4506 + - issue: 12548 + - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc + title: JEP-224 + message: |- + Developer: Add a new l:hasAdministerOrManage jelly tag, hides the body of the tag if the user doesn't have Jenkins.ADMINISTER or Jenkins.MANAGE. - type: rfe category: developer pull: 4488 From 6ec6fa3e6641ef662021ba1c8b1aec32b5c5dbcb Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 24 Feb 2020 09:58:15 +0100 Subject: [PATCH 4/7] Jenkins 2.222 changelog: more copy-edits --- content/_data/changelogs/weekly.yml | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 788efeb860bb..0914f30883f5 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6306,7 +6306,23 @@ message: |- Revamp the layout and icons of the header bar and breadcrumbs. Instances with plugins that depend on details of the Jenkins layout (e.g. Simple Theme Plugin) may experience UI/layout problems. - A new experimental header color scheme can be enabled by setting the system property jenkins.ui.refresh to true. + A new experimental header color scheme can be enabled by setting the jenkins.ui.refresh system property to true. + - type: major rfe + category: major rfe + pull: 4463 + authors: + - fqueiruga + - daniel-beck + message: |- + Introduce a new experimental UI that can be enabled by setting the jenkins.ui.refresh system property to true. + Currently it includes a new header color scheme, more changes to be added as a part of the UI/UX revamp. + references: + - pull: 4463 + - issue: 60920 + - url: https://github.com/jenkinsci/jep/blob/master/jep/223/README.adoc + title: JEP-223 + - url: https://jenkins.io/sigs/ux/ + title: Jenkins UX SIG - type: major rfe category: major rfe pull: 4501 @@ -6332,8 +6348,11 @@ - issue: 12548 - url: https://github.com/jenkinsci/jep/blob/master/jep/224/README.adoc title: JEP-224 + - url: https://plugins.jenkins.io/extended-read-permission/ + title: Extended Read Permission plugin message: |- - Add an experimental system read permission, which gives (almost) full read access to the Jenkins instance, this is disabled by default, install the extended-read plugin to activate it. + Add a new experimental `Overall/SystemRead` permission, which gives (almost) full read access to the Jenkins instance. + The permission is disabled by default, install the Extended Read Permission plugin plugin to activate it. - type: rfe category: rfe pull: 4365 From d407d8042e67c1bb1366682df0e6040efa0163b6 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 24 Feb 2020 10:13:16 +0100 Subject: [PATCH 5/7] Update content/_data/changelogs/weekly.yml Co-Authored-By: Tim Jacomb --- content/_data/changelogs/weekly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 0914f30883f5..6e7dcab45b76 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6351,7 +6351,7 @@ - url: https://plugins.jenkins.io/extended-read-permission/ title: Extended Read Permission plugin message: |- - Add a new experimental `Overall/SystemRead` permission, which gives (almost) full read access to the Jenkins instance. + Add a new experimental Overall/SystemRead permission, which gives (almost) full read access to the Jenkins instance. The permission is disabled by default, install the Extended Read Permission plugin plugin to activate it. - type: rfe category: rfe From 22518675d030c05cd2164480bb1e539cfd934ab6 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 24 Feb 2020 10:13:25 +0100 Subject: [PATCH 6/7] Update content/_data/changelogs/weekly.yml Co-Authored-By: Tim Jacomb --- content/_data/changelogs/weekly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 6e7dcab45b76..501ceb4f2613 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6352,7 +6352,7 @@ title: Extended Read Permission plugin message: |- Add a new experimental Overall/SystemRead permission, which gives (almost) full read access to the Jenkins instance. - The permission is disabled by default, install the Extended Read Permission plugin plugin to activate it. + The permission is disabled by default, install the Extended Read Permission plugin to activate it. - type: rfe category: rfe pull: 4365 From b768bd23c645f8db8296845aa1ee39b8b9eb142c Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Mon, 24 Feb 2020 11:13:35 +0100 Subject: [PATCH 7/7] Changelog 2.222: Fix Authors --- content/_data/changelogs/weekly.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 501ceb4f2613..4431b359ae85 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml @@ -6328,7 +6328,9 @@ pull: 4501 authors: - daniel-beck - - timja + - mikecirioli + - EstherAF + - aHenryJard references: - pull: 4501 - issue: 60266 @@ -6341,8 +6343,8 @@ category: major rfe pull: 4506 authors: - - daniel-beck - timja + - daniel-beck references: - pull: 4506 - issue: 12548