3993.v3e20a_37282f8

🔒 Security

• Fix SECURITY-3362.
  As part of this fix, a new -a argument was added to the replay-pipeline CLI command. It allows administrators to approve an unmodified, main (Jenkinsfile) script. This is useful in combination with -s / --script.

3975.3977.v478dd9e956c3

🔒 Security

• Fix SECURITY-3362.
  As part of this fix, a new -a argument was added to the replay-pipeline CLI command. It allows administrators to approve an unmodified, main (Jenkinsfile) script. This is useful in combination with -s / --script.
  Backport of 3993.v3e20a_37282f8 on top of 3975.v567e2a_1ffa_22.

3990.vd281dd77a_388

👷 Changes for plugin developers

• JENKINS-73941 - Option to hide "Use Groovy Sandbox" for users without Administer permission globally in the system (#948) @jgarciacloudbees

3975.v567e2a_1ffa_22

🐛 Bug fixes

• Avoid holding locks from croak when calling notifyListeners (#944) @jglick

👻 Maintenance

• Parallelize tests (#942) @jglick

🚦 Tests

• CpsFlowExecutionTest.iterateAfterSuspend flaky (#945) @jglick

3969.vdc9d3a_efcc6a_

🚀 New features and improvements

• JENKINS-73031 - Print hint that a static interface method may be to blame (#936) @jglick

📦 Dependency updates

• Bump org.jenkins-ci.plugins:plugin from 4.87 to 4.88 (#934) @dependabot

3964.v0767b_4b_a_0b_fa_

🐛 Bug fixes

• Prevent NPEs in CpsFlowExecution.cleanUpGlobalClassValue to make Pipeline cleanup more robust (#933) @dwnusbaum

3961.ve48ee2c44a_b_3

🐛 Bug fixes

• JENKINS-73726 - Avoid NPE trying to cancel a block which is already done (#931) @jglick

📦 Dependency updates

• Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.4.1 (#921) @dependabot
• Bump org.jenkins-ci.plugins:plugin from 4.85 to 4.87 (#930) @dependabot
• Remove subversion test dep (#922) @jglick

3953.v19f11da_8d2fa_

🐛 Bug fixes

• False positives from LoggingInvoker.isInternal (#929) @jglick

3946.v7935cb_edb_f82

🐛 Bug fixes

• Clear CpsBodyExecution.thread (#925) @jglick

3943.v3519a_3260660

🚀 New features and improvements

• Improve support bundle data for running Pipelines, update support bundle component names and file paths, and update log warning for a particular type of error during step completion (#916) @dwnusbaum

👻 Maintenance

• Enable Jenkins Security Scan and bypass CodeQL's JavaCompiler to support JDK 17+ (#917) @dwnusbaum
• Removing stock security scan based on Java 11 (#915) @jglick
• Enable Jenkins Security Scan (#901) @strangelookingnerd

🚦 Tests

• Assert @Exported form of EnvActionImpl (#914) @jglick

📦 Dependency updates

• Bump io.jenkins.tools.incrementals:git-changelist-maven-extension from 1.7 to 1.8 (#885) @dependabot
• Bump org.testcontainers:testcontainers from 1.19.7 to 1.20.1 (#912) @dependabot