Documentation office hours - January 8, 2026

2026-01-08T16:00:00Z

Attendees:

• Kris Stern
• Mark Waite
• Bruno Verachten

Agenda:

• Jenkins GSoC 2026 new org admins and preparation
  • Shivay Lamba and Vutukuri Sreenivas have begun duties as new org admins, working alongside Kris Stern
  • Both Shivay and V. have been added to the gsoc team to facilitate their serving of their org admin duties for jenkins.io related matters
  • The new org admin team has already met a few times since mid-December to earlier this Monday to prepare for the Jenkins application as a GSoC 2026 mentoring org, more plannings are planned
  • Jenkins.io site retooling efforts
    • To be continued in GSoC 2026
  • Chinese documentation site work
    • To be concluded in GSoC 2026
• LTS and Weekly releases
  • 2.541.1 LTS preparation is currently underway
    • Release Lead is Shalini Sudarsan assisted by Kris Stern
    • RC preparation work is still in progress
  • 2.545
    • Released on January 5, 2026
    • Major enhancement
      • Require Java 21 or newer. pull 26018
    • Enhancement
      • Add telemetry for Java properties. pull 26038
      • Bump the minimum supported remoting.jar version to 3176.v207ec082a_8c0 pull 26034
    • Bug fix
      • Prevent race conditions during initial administrator account creation. pull 26036
      • Avoid NPE in Job#getLastBuildsOverThreshold pull 26005
      • Use rootURL in Cloud sidepanel so links in actions work properly. pull 26004
  • 2.544
    • Released on December 29, 2025
    • Bug fix
      • Display a brief message on update site signature verification failure instead of showing a stack trace. JENKINS-75905
  • 2.543
    • Released on December 23, 2025
    • Enhancement
      • No longer include the client IP address in CSRF protection token (“crumb”) calculation. Effectively, the behavior is the same as if the (now removed) “Enable proxy compatibility” option were always checked. pull 25918
      • Show a warning to administrators who set the hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID flag, informing them of the further reduced safety, and the option’s planned future removal. pull 25918
    • Bug fix
      • Fix console log copy button for freestyle projects that have finished (regression in 2.493). pull 25953
      • Allow large forms to be submitted (regression in 2.531). pull 25968
  • 2.542
    • December 15, 2025
    • Enhancement
      • Add telemetry for Content Security Policy enforcement. pull 23901
      • Enables the Overall/Manage permission by default. This permission when granted to users allows them to configure certain parts of Jenkins’ global configuration without the ability to execute arbitrary code. pull 23873
      • Truncate verbose queue blockage messages to show maximum 5 reasons with “… and N more” suffix. JENKINS-45927
      • Allow entirely disabling CSP headers to work around unusual Jenkins configurations resulting in excessive HTTP response header lengths. pull 23915
      • Update Winstone to version 8.1026.v31def012a_f48 to increase the default maximum HTTP response header size to 32KB to account for very complex Content Security Policy headers. pull 25901
    • Bug fix
      • Fix NullPointerException in “ReverseBuildTrigger” when configuration has a missing threshold. JENKINS-39044
• Recent notable contributions from the most recent ones
  • Thanks Daniel Beck for the PR to Improve grammar/readability a bit in CSP docs
  • Thanks Mark Waite for the PR to Do not drop Java 17 support from 2.541.1 and other PRs
  • Thanks DHANUSH VANARASA for the PR on docs: clarify required Java version during installation
  • Thanks Alex Brandes for the PR on Document drop of Java 17 in java policy and other PRs
  • Plus thanks to the others including Rajiv Singh, Shivay Lamba, V. Sreenivas for their PR contributions
• Platform SIG
  • Re-scheduled next Tuesday 4pm UTC for just one time
  • The next one following has been cancelled