Enhancement
-
Add telemetry for Content Security Policy enforcement.
pull 23901
-
Enables the
Overall/Manage permission by default.
This permission when granted to users allows them to configure certain parts of Jenkins' global configuration without the ability to execute arbitrary code.
pull 23873
-
Truncate verbose queue blockage messages to show maximum 5 reasons with "... and N more" suffix.
JENKINS-45927
-
Allow entirely disabling CSP headers to work around unusual Jenkins configurations resulting in excessive HTTP response header lengths.
pull 23915
-
Update Winstone to version 8.1026.v31def012a_f48 to increase the default maximum HTTP response header size to 32KB to account for very complex Content Security Policy headers.
pull 25901
Bug fix
-
Fix NullPointerException in "ReverseBuildTrigger" when configuration has a missing threshold.
JENKINS-39044