diff --git a/content/_data/authors/cnu1812.adoc b/content/_data/authors/cnu1812.adoc new file mode 100644 index 000000000000..610602de8b77 --- /dev/null +++ b/content/_data/authors/cnu1812.adoc @@ -0,0 +1,7 @@ +--- +name: "Vutukuri Sreenivas" +github: "cnu1812" +linkedin: "v-sreenivas-985088203" +--- + +A professional with an ardent passion for cloud-native architectures, application modernization, and cloud computing. diff --git a/content/_data/changelogs/lts.yml b/content/_data/changelogs/lts.yml index 7e517b3ebf61..556e77850db4 100644 --- a/content/_data/changelogs/lts.yml +++ b/content/_data/changelogs/lts.yml @@ -11751,6 +11751,16 @@ pr_title: "Allow for null to be passed to doSafeRestart" message: |- Allow null to be passed as the first argument to doSafeRestart. + - type: bug + category: bug + pull: 9790 + issue: 73824 + authors: + - dwnusbaum + pr_title: "[JENKINS-73824] Wait for Pipeline builds to complete before allowing + their jobs to be deleted" + message: |- + Wait for ongoing Pipeline builds to fully complete before allowing their parent job to be deleted. lts_changes: # compared to lts_predecessor 2.462.3 (selected by personal review) @@ -12244,6 +12254,16 @@ pr_title: "Backporting for 2.479.3 LTS (part 3)" message: |- Fix double-zipped .tgz files so they are no longer mismatched. + - type: bug + category: bug + pull: 10065 + issue: 75003 + authors: + - basil + pr_title: "[JENKINS-75003] Zip-based tool installer configuration incorrectly + rejects non-HTTP(S) URLs (regression in 2.379)" + message: |- + Allow non-HTTP(S) URLs in zip-based tool installer configuration. - type: bug category: bug pull: 9983 
@@ -12262,6 +12282,280 @@ pr_title: "[JENKINS-73907] Fix double-escaped tooltips in 'Help for feature'" message: |- Fix double-escaped tooltips in "Help for feature" (regression in 2.380). + +- version: "2.492.1" + date: 2025-02-05 + lts_predecessor: "2.479.3" + lts_baseline: "2.492" + changes: # compared to lts_baseline 2.492 - extracted from the RC commit(s) + + - type: rfe + category: rfe + pull: 10196 + authors: + - markewaite + pr_title: "Disable JnlpSlaveRestarterInstallerTest on ci.jenkins Windows agents" + message: |- + Disable the JnlpSlaveRestarterInstallerTest on ci.jenkins Windows agents. + + lts_changes: # compared to lts_predecessor 2.479.3 (selected by personal review) + + - type: major rfe + category: rfe + pull: 10045 + issue: 73539 + authors: + - timja + - zbynek + - janfaracik + - fqueiruga + pr_title: "[JENKINS-73539] Disable YUI by default" + message: |- + Disable the Yahoo! User Interface library by default. + - type: major rfe + category: rfe + pull: 7569 + authors: + - janfaracik + - timja + - NotMyFault + pr_title: Overhaul search with a Command Palette + message: |- + Add Command Palette as a replacement for the search bar. + - type: major rfe + category: rfe + authors: + - janfaracik + pr_title: Refine content and appearance of the 'Edit View' screen + references: + - pull: 9734 + - pull: 9735 + - pull: 9833 + message: |- + Refine and modernize the appearance of several pages. + - type: rfe + category: rfe + pull: 10049 + authors: + - janfaracik + - timja + pr_title: Add icons to Command Palette + message: |- + Add icons to Command Palette. + - type: rfe + category: rfe + authors: + - mustsafu + pr_title: Turkish localization fixes for node list page + references: + - pull: 9928 + - pull: 9916 + message: |- + Add Turkish translations for node list and RSS links. + - type: rfe + category: rfe + pull: 9462 + authors: + - timja + pr_title: Use standard dropdowns for combobox + message: |- + Modernize ComboBox component. 
+ - type: rfe + category: rfe + pull: 9787 + issue: 73813 + authors: + - mawinter69 + pr_title: "[JENKINS-73813] Show a notification when scheduling a build fails" + message: |- + Show a notification when scheduling a build fails. + - type: rfe + category: rfe + pull: 9930 + authors: + - jglick + pr_title: Clarify SECURITY-3315 error code on client side + message: |- + Clearer error message for the CLI in the default webSocket mode when a 403 error results from a reverse proxy misconfiguration. + - type: rfe + category: rfe + pull: 9883 + authors: + - Vlatombe + pr_title: Display appropriate GUI that accurately displays offline by design + message: |- + The agents online/offline status and icon can now be influenced by the offline cause, giving better information to users. + Clarifies some use cases when an agent was offline by design and not because of a configuration or technical error. + - type: rfe + category: rfe + authors: + - Vlatombe + pr_title: "[JENKINS-30101][JENKINS-30175] Simplify persistence design for + temporarily offline status" + references: + - pull: 9855 + - issue: 30101 + - issue: 30175 + message: |- + Retain user-generated offline reason when agent connects or disconnects for technical reasons. + - type: rfe + category: rfe + pull: 10026 + authors: + - mtughan + pr_title: Allow all immutable List subclasses from Java 11 + message: |- + Allow all immutable List subclasses from Java 11 over remoting. + - type: rfe + category: rfe + pull: 10058 + authors: + - Vlatombe + pr_title: "Simplify AtomicFileWriter and use clearer temporary file names" + message: |- + Avoid printing the same stack trace multiple times when file persistence fails. + Temporary file names used by the AtomicFileWriter are now derived from the target file name. 
+ - type: rfe + category: rfe + pull: 9995 + issue: 74858 + authors: + - tejasdrolia + pr_title: "[JENKINS-74858] Added validation for Password length in FIPS mode" + message: |- + Added password validation to ensure that existing users cannot create a password of less than 14 characters in length when in FIPS mode. + - type: rfe + category: rfe + pull: 9903 + authors: + - jglick + pr_title: Removing configurability of `Jenkins.agentProtocols` + message: |- + Stop allowing configuration of the agent protocols list. + - type: rfe + category: rfe + authors: + - basil + pr_title: "Winstone 8.2: Upgrade Jetty from 12.0.13 to Jetty 12.0.14" + references: + - pull: 9841 + - url: https://github.com/jetty/jetty.project/releases/jetty-12.0.14 + title: Jetty 12.0.14 changelog + - url: https://github.com/jenkinsci/winstone/releases/winstone-8.2 + title: Winstone 8.2 changelog + message: |- + Upgrade Winstone to 8.2 in order to update Jetty from 12.0.13 to 12.0.14. + - type: rfe + category: rfe + pull: 9787 + issue: 73813 + authors: + - mawinter69 + pr_title: "[JENKINS-73813] Show a notification when scheduling a build fails" + message: |- + Show a notification when scheduling a build fails. + - type: bug + category: bug + pull: 10106 + issue: 74868 + authors: + - timja + pr_title: "[JENKINS-74868] Use new build status symbols in multi branch projects" + message: |- + Use refined build status icons in multibranch projects. + - type: bug + category: bug + pull: 10081 + authors: + - timja + pr_title: Form checker enhancements for radio + message: |- + Form validation that depends on radio buttons now finds the selected one and not the previous one. + - type: bug + category: bug + pull: 10089 + authors: + - jglick + pr_title: "`headerCommandPaletteButton` undefined when `JenkinsHeader` not + loaded" + message: |- + Since 2.489, JavaScript errors could be seen in some Jenkins pages, such as the setup wizard, omitting the usual header bar. 
+ - type: bug + category: bug + pull: 10054 + authors: + - timja + pr_title: Fix scrolling with keyboard + message: |- + Fix scrolling with keyboard. + - type: bug + category: bug + pull: 7078 + issue: 69549 + authors: + - frankie139506 + - NotMyFault + - timja + pr_title: "[JENKINS-69549] Margins for headers and paragraphs make descriptions + …" + message: |- + Reduce spacing in help files. + - type: bug + category: bug + pull: 9739 + issue: 72979 + authors: + - debayangg + pr_title: "[JENKINS-72979] Remove trailing space from Windows agent secret + file instructions" + message: |- + Remove trailing space from Windows agent secret file instructions. + - type: bug + category: bug + pull: 10070 + authors: + - timja + pr_title: Revert "Update dependency hotkeys-js to v3.13.9" + message: |- + Revert update of hotkeys-js dependency introduced in 2.490. + The hotkeys-js bump caused a regression with Jenkins plugin BOM tests. + - type: bug + category: bug + pull: 10022 + authors: + - daniel-beck + pr_title: Revert "Fixed spotbugs `PATH_TRAVERSAL_IN` issue in `FileBoolean`" + message: |- + Restore the original behavior of FileBoolean(Class, String). + - type: bug + category: bug + pull: 9925 + authors: + - jglick + pr_title: "Race condition & memory leak in TypedFilter" + message: |- + Fix a rare race condition rendering pages soon after startup. + - type: bug + category: bug + pull: 9908 + issue: 73845 + authors: + - Dohbedoh + pr_title: "[JENKINS-73845] Fix OperatingSystemEndOfLifeAdminMonitor endOfLifeDate + displayed on first warning day" + message: |- + Fix end of life operating system monitor that shows 2099-12-31 on the first day a warning should be displayed. + - type: bug + category: bug + pull: 9727 + issue: 63343 + authors: + - dwnusbaum + pr_title: "[JENKINS-63343] Validate element types for collections and maps + when deserializing XML files" + message: |- + Ignore values with incorrect types when deserializing collections and maps in XML files. 
+ # DO NOT EDIT THIS FILE DIRECTLY # ALL CHANGES MUST GO THROUGH PULL REQUESTS # MALFORMED FILE CONTENTS WILL BREAK THE SITE BUILD diff --git a/content/_data/changelogs/weekly.yml b/content/_data/changelogs/weekly.yml index 43ab518d07e9..34d75afe2d05 100644 --- a/content/_data/changelogs/weekly.yml +++ b/content/_data/changelogs/weekly.yml 
@@ -25859,6 +25859,38 @@ # pull: 10219 (PR title: Update dependency org.jenkins-ci.plugins:matrix-auth to v3.2.4) # pull: 10220 (PR title: Update dependency io.jenkins.plugins:gson-api to v2.11.0-109.v1ef91dd0829a_) + - version: '2.496' + date: 2025-02-04 + changes: + - type: rfe + category: rfe + pull: 10198 + authors: + - janfaracik + pr_title: Improve accessibility and clean up components + message: |- + Improve accessibility and clean up various components. + - type: rfe + category: developer + pull: 10185 + issue: 75174 + authors: + - Vlatombe + pr_title: "[JENKINS-75174] Move existing `web.xml` to `web-fragment.xml` under + core" + message: |- + Developer: To test plugins against this Jenkins version, please update your plugin parent POM to version 5.6 or later. + # pull: 10190 (PR title: Remove `robust-http-client`) + # pull: 10217 (PR title: Update dependency commons-codec:commons-codec to v1.18.0) + # pull: 10218 (PR title: Update dependency org.jenkins-ci.main:jenkins-test-harness to v2391) + # pull: 10219 (PR title: Update dependency org.jenkins-ci.plugins:matrix-auth to v3.2.4) + # pull: 10220 (PR title: Update dependency io.jenkins.plugins:gson-api to v2.11.0-109.v1ef91dd0829a_) + # pull: 10223 (PR title: Update dependency stylelint to v16.14.1) + # pull: 10224 (PR title: Removed obsolete spotbugs exclusion) + # pull: 10228 (PR title: remove commons-codec usage from core) + # pull: 10229 (PR title: Update dependency io.jenkins.plugins:design-library to v355) + # pull: 10231 (PR title: Update dependency io.jenkins.plugins:gson-api to v2.12.1-113.v347686d6729f) + # DO NOT EDIT THIS FILE DIRECTLY ON GITHUB IF YOU HAVE COMMIT ACCESS # ALL CHANGES MUST GO THROUGH PULL REQUESTS # MALFORMED FILE CONTENTS WILL BREAK THE SITE BUILD diff --git a/content/_data/upgrades/2-492-1.adoc b/content/_data/upgrades/2-492-1.adoc new file mode 100644 index 000000000000..022b67fae980 --- /dev/null +++ b/content/_data/upgrades/2-492-1.adoc 
@@ -0,0 +1,18 @@ +==== Yahoo! UI disabled by default + +The Yahoo! User Interface library (YUI) is now disabled by default in Jenkins. +There have been several pull requests created towards this goal, with work being done over several years by multiple contributors. +Additionally, elements of Jenkins that were originally built with YUI have been replaced with alternatives to help ensure there is no loss of functionality. + +If you need to re-enable YUI in your Jenkins environment, you must set the following system property: + +`-Djenkins.model.experimentalflags.RemoveYuiUserExperimentalFlag.defaultValue="false"` + +Full removal of YUI will occur in a later LTS release, providing time for users to configure their environments accordingly. + +==== Removing configurability of Jenkins agent protocols list + +The list of agent protocols is no longer configurable through the GUI or the Configuration as Code (JCasC) plugin. +Going forward, there are two protocols: one for inbound TCP agents and a ping protocol used to test connectivity. +The `agentProtocols` section of a JCasC bundle should be deleted because it will now be ignored. +If you do not wish to allow inbound TCP agents, disable the port instead of the protocol. diff --git a/content/doc/book/security/access-control/permissions.adoc b/content/doc/book/security/access-control/permissions.adoc index a8d3229f184f..53d278bb0a15 100644 --- a/content/doc/book/security/access-control/permissions.adoc +++ b/content/doc/book/security/access-control/permissions.adoc @@ -5,8 +5,6 @@ layout: documentation :toc: :toclevels: 3 -// TODO add some more permissions - The following sections describe the access granted to users with (or without) the specified permissions. == Default Permissions 
@@ -108,6 +106,118 @@ Anything they cannot accomplish through the existing UI they can do through the An instance on which an untrusted user gained _Overall/Administer_ permission should be considered fully compromised and should be replaced. All secrets (credentials, etc.) stored on that instance should be rotated or revoked and all artifacts created from that point on should be verified. + +=== _Agent_ Permissions + +Agent/Build:: +This permission allows users to run jobs as them on agents. +In default setup where all builds run under SYSTEM user this permission is not relevant, +but if link:/doc/book/security/build-authorization/[build authorization] is active this permission defines which users may run jobs on agents. + +Agent/Configure:: +This permission allows users to configure agents. +Users with this permission can make all jobs run on a computer where they have root access, +gaining access to all information used by the build (content of files, environment variables including credentials). + +Agent/Connect:: +This permission allows users to connect agents or mark agents as online. ++ +This permission is implied by _Agent/Disconnect_. + +Agent/Create:: +This permission allows users to create agents. Security implications are the same as for _Agent/Configure_. + +Agent/Delete:: +This permission allows users to delete existing agents. + +Agent/Disconnect:: +This permission allows users to disconnect agents or mark agents as temporarily offline. + +=== _Job_ Permissions + +Though these permissions use the word "Job" in their name, +they refer to any items you can create using the _New Item_ menu option (freestyle jobs, folders, pipelines, ...) + +Job/Build:: +This permission grants the ability to start a new build. + +Job/Cancel:: +This permission grants the ability to cancel a scheduled, or abort a running, build. + +Job/Configure:: +Change the configuration of a job. + +Job/Create:: +Create a new job. + +Job/Delete:: +Delete a job. 
+ +Job/Discover:: +This permission grants discover access to jobs. +Lower than read permissions, it allows you to redirect anonymous users to the login page when they try to access a job url. +Without it they would get a 404 error and wouldn't be able to discover project names. ++ +This permission is only useful if anonymous users have _Overall/Read_ permission, but not _Job/Read_. +It is implied by _Job/Read_. + +Job/Move:: +Required to move a job from one folder (or Jenkins root) to another. + +Job/Read:: +See a job. (You may deny this permission but allow Discover to force an anonymous user to log in to see the job.) + +Job/Workspace:: +This permission grants the ability to retrieve the contents of a workspace Jenkins checked out for performing builds. +If you don’t want a user to access files in the workspace (e.g. source code checked out from SCM or intermediate build results) through the workspace browser, you can revoke this permission. + +=== _Run_ Permissions + +Run/Delete:: +This permission allows users to manually delete specific builds from the build history. + +Run/Update:: +This permission allows users to update description and other properties of a build, for example to leave notes about the cause of a build failure. + +=== _View_ Permissions + +View/Configure:: +This permission allows users to change the configuration of views. + +View/Create:: +This permission allows users to create new views. + +View/Delete:: +This permission allows users to delete existing views. + +View/Read:: +This permission allows users to see views (implied by generic read access). + +=== _Credentials_ Permissions + +Following permissions are only enabled if the plugin:credentials[Credentials Plugin] is installed + +Credentials/Create:: +The create permission is necessary to add credentials to a credentials provider. + +Credentials/Delete:: +The delete permission is necessary to remove credentials stored in a credentials provider. 
+ +Credentials/ManageDomains:: +The manage domains permission is necessary to add/remove/configure the credential domains of a credentials provider (where the credentials provider supports multiple credential domains). + +Credentials/Update:: +The update permission is necessary to modify credentials in a credentials provider. + +Credentials/View:: +The view permission is necessary to view the credentials stored in a credentials provider. + +=== Pipeline-related Permissions + +Run/Replay:: +Ability to perform a new Pipeline build with an edited script. This permission is implied by Job/Configure. +This permission is enabled by plugin:workflow-cps[Pipeline: Groovy]. + == Optional Permissions These permissions are not enabled by default. @@ -142,7 +252,6 @@ Learn more in jep:223[]. NOTE: This permission was added in Jenkins 2.222. Some features, especially those provided by plugins, may not yet support this permission. - == Obsolete Permissions The following three permissions are obsolete since Jenkins 2.222: diff --git a/content/projects/gsoc/2025/project-ideas/ai-powered-chatbot-for-quick-access-to-jenkins-resources.adoc b/content/projects/gsoc/2025/project-ideas/ai-powered-chatbot-for-quick-access-to-jenkins-resources.adoc new file mode 100644 index 000000000000..501405c2f40d --- /dev/null +++ b/content/projects/gsoc/2025/project-ideas/ai-powered-chatbot-for-quick-access-to-jenkins-resources.adoc 
@@ -0,0 +1,76 @@ +--- +layout: gsocprojectidea +title: "AI-Powered Chatbot for Quick Access to Jenkins Resources" +goal: "Develop an AI-based chatbot to provide users with quick and intuitive access to Jenkins documentation, plugins, and community resources." +category: Plugins +year: 2025 +status: published +mentors: +- "cnu1812" +- "krisstern" +skills: +- Natural Language Processing (NLP) +- Python +- JavaScript/TypeScript +- Jenkins Plugin Development +- Machine Learning +links: + gitter: "jenkinsci_gsoc-sig:gitter.im" +--- + +As Jenkins continues to evolve, users often seek efficient ways to navigate its extensive documentation, plugins, and community discussions. This project proposes the development of an AI-powered chatbot integrated into the Jenkins interface, enabling users to retrieve information swiftly through natural language queries. + +**Project Description** + +The aim is to create a Jenkins plugin that embeds a chatbot capable of understanding and responding to user inquiries about Jenkins. Leveraging Natural Language Processing (NLP) and Machine Learning (ML) techniques, the chatbot will interpret user questions and provide relevant information from official documentation, plugin repositories, and community forums. + +**Benefits to the Community** + +- **Enhanced User Experience:** Users can obtain information quickly without leaving the Jenkins environment. +- **Improved Accessibility:** Simplifies the learning curve for newcomers by providing instant answers to common questions. +- **Increased Productivity:** Reduces the time spent searching for resources, allowing users to focus on development and deployment tasks. + +**Comparable Solutions** + +While there are existing AI chatbots in various domains, an AI assistant tailored specifically for Jenkins is limited. A community discussion highlighted interest in developing a Jenkins Assistant plugin, indicating a demand for such a tool. 
This project aims to fill that gap by offering a specialized solution within the Jenkins ecosystem. + +**Project Scope** + +- **Chatbot Development:** Implement NLP models to process and understand user queries related to Jenkins. +- **Integration:** Develop a Jenkins plugin to host the chatbot, ensuring seamless interaction within the Jenkins user interface. +- **Data Sources:** Configure the chatbot to access and retrieve information from Jenkins documentation, plugin directories, and community forums. +- **User Interface:** Design an intuitive chat interface within Jenkins for user interactions. + +**Quickstart** + +To get started: + +1. **Familiarize Yourself with Jenkins Plugin Development:** Review the link:https://jenkins.io/doc/developer/tutorial/[Jenkins Plugin Tutorial]. +2. **Explore NLP Libraries:** Investigate NLP frameworks such as NLTK, spaCy, PyTorch, etc., that can be integrated into Python applications. +3. **Understand Existing Chatbot Implementations:** Study existing chatbot plugins or tools to gather insights into design and functionality. + +**Links** + +- link:https://jenkins.io/doc/developer/tutorial/[Jenkins Plugin Tutorial] +- link:https://nltk.org/[NLTK] +- link:https://spacy.io/[spaCy] +- link:https://pytorch.org/tutorials/beginner/chatbot_tutorial.html[PyTorch] + +**Project Size** + +175 Hours + +**Project Difficulty Level** + +Beginner + + +**Newbie-friendly Issues** + +Potential applicants can explore the following tasks to prepare: + +- **Jenkins Plugin Development:** Start by creating a simple plugin to understand the basics of Jenkins plugin architecture. +- **NLP Model Training:** Experiment with training NLP models on sample datasets to grasp the fundamentals of natural language understanding. +- **Community Engagement:** Participate in Jenkins forums and Gitter channels to understand common user queries and challenges. 
+ +By undertaking these preliminary tasks, contributors can build a solid foundation for developing an AI-powered chatbot that enhances the Jenkins user experience.
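Review bot: In content/_data/changelogs/lts.yml, the `lts_changes` list of the new 2.492.1 entry carries the item for pull 9787 / issue 73813 ("Show a notification when scheduling a build fails") twice, once after "Modernize ComboBox component." and again after the Winstone 8.2 item. Drop the second copy so the rendered changelog does not list the same change twice. In the same list, the message for pull 10089 ("Since 2.489, JavaScript errors could be seen in some Jenkins pages ...") describes the symptom rather than the fix; rewording it as what was fixed would match the other bug items.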
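Review bot: In content/_data/changelogs/weekly.yml, the commented list under the new 2.496 entry repeats `# pull: 10219` and `# pull: 10220`, which the unchanged context lines directly above the added block already show under the preceding entry. Check whether the commented pulls from 10190 through 10220 belong to 2.496 or are left over from the prior version, and keep each pull under one version only.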
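Review bot: In content/_data/upgrades/2-492-1.adoc, the agent protocols section ends with "disable the port instead of the protocol" but does not say where that port is configured, so an administrator who relied on turning the protocol off has no next step. Add the name of the setting or a link to the relevant documentation page. In the YUI section, consider dropping the quotes around `false` in the system property, since whether they are stripped depends on where the argument is pasted.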
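Review bot: In content/doc/book/security/access-control/permissions.adoc, the new _Job_, _Credentials_ and Pipeline-related entries do not state security implications the way `Agent/Configure::` and `Agent/Create::` do: `Job/Configure::` is only "Change the configuration of a job." and `Run/Replay::` is "Ability to perform a new Pipeline build with an edited script", with no guidance on what granting them exposes. Since this page sits in the security chapter, add a sentence per entry on what the permission lets a user reach, in the same style as the _Agent/Configure_ text. Smaller points in the same hunk: the Credentials intro line ("Following permissions are only enabled if ...") lacks a leading "The" and a final period, `Job/Configure` in the Run/Replay entry is not italicized like the other permission references, and "don’t" uses a typographic apostrophe while "wouldn't" uses a straight one.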
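Review bot: In the new GSoC project idea file (ai-powered-chatbot-for-quick-access-to-jenkins-resources.adoc), the "Project Scope" list names the data sources and the plugin integration but does not say where the NLP model runs or whether user queries leave the Jenkins controller, which is the first question an administrator will have about a chatbot embedded in the Jenkins UI. Add a scope item stating the intended deployment and what data the chatbot sends out. Also, "Comparable Solutions" refers to "A community discussion" without a link, and the "Beginner" difficulty level sits oddly next to a skills list that includes Machine Learning and Jenkins Plugin Development.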