User Experience SIG - December 4, 2024

MarkEWaite · December 9, 2024, 8:05pm

2024-12-04T18:00:00Z

Dec 4, 2024

Attending
- Mark Waite
- Antoine Neveux
- Bruno Verachten
- Kris Stern
- Tim Jacomb
- Kevin Martens
- Soham Juneja
Topics
- Jenkins releases
  - Jenkins 2.488 released 3 Dec 2024
  - Jenkins 2.479.2 released 26 Nov 2024
    - Watching bug tracker closely, looks smooth (Spring Security 6 working well)
  - 2.479.3 scheduled for 8 Jan 2025, RC 11 Dec 2024
    - Kris Stern is release lead, using the release checklist
- GSoC project proposals
  - Google funds new contributors as the help open source projects
    - Projects have been successful in Jenkins
    - Kris Stern - GSoC lead organization admin
  - Project ideas
    - Documentation improvements - docs.jenkins.io and the versioned docs site
    - Revamp the stories.jenkins.io site - small project
  - Would anyone be willing to mentor?
    - No project idea will be submitted to Google without multiple mentors
- YahooUI removal - progress report and next steps
  - Markus Winter and Tim Jacomb discussing when and how we remove YahooUI from Jenkins
    - Plugin releases are completed (all over 2000 deployments)
    - Waiting for review on the command palette that has been waiting for months
      - PR-7569 - Use a command palette for search (needs more review)
    - Tim suggested to switch the feature flag to default without YahooUI
      - Then switch if off completely after a few weeks
      - Switch the feature flag back in commercial product
    - In the chat channel, make your voice heard there
- Jenkins Content Security Policy project
  - 3 month project for Yaroslav Afenkin and Shlomo Dahan
    - Funded by Alpha-Omega, improving security of open source projects
  - Blog post with the results from first month
  - Sheet shows the progress
  - Deployment alternatives for more restrictive Jenkins policy
    - Use CSP plugin while developing and testing
    - Final implementation in Jenkins core
  - Basil’s idea to improve migrations (like the CSP migration)
    - Traditional migrations prepare all the plugins, track them in a sheet, release them all, then flip the switch in a weekly release, with an escape hatch if needed
      - Examples
        
        Tables to divs
        
        PrototypeJS
        
        Jakarta EE 9
      - Benefits
        
        Simple once the switch is toggled, only one version to support
        
        Assured that you’ll have the improvement
      - Weaknesses
        
        Burden on implementers to prepare every plugin for compatibility
      - Unlikely to work for CSP because there are hundreds of plugins to change, 10x more than YahooUI
    - Yaroslav suggested a centrally maintained list of CSP compliant plugins
    - Basil suggested that we could use the local CSP results to recommend CSP setting to the user
      - If no CSP violations reported in a week (or 4 days or …), suggest they enable restrictive CSP
      - If CSP violations reported, suggest they disable restrictive CSP, submit a violation report
      - Benefits
        
        Adapts to actual plugin use in that Jenkins controller
        
        Benefits users that are using CSP compliant plugins
      - Weaknesses
        
        Jenkins core implementation is more complicated than a switch or escape hatch
    - Jenkins core feature, not a CSP plugin in its final implementation
- Recent UI topics
  - Active work / pending in Jenkins core (14 with web-ui label, 6 draft, 6 changes requested, 6 merge conflicts)
    - PR-8435 - Update appearance of keyboard shortcut tooltips
      - Needs additional review, predecessor to command palette
    - PR-7569 - Use a command palette for search
      - Removes another use of YahooUI
      - Question from Daniel Beck (2 months old) to judovana has not been answered
        
        Do we answer it ourselves and move forward?
    - PR-9959 - Autocomplete accept parameters
      - Needed for the Azure VM agents Add autocomplete for VM sizes by timja · Pull Request #580 · jenkinsci/azure-vm-agents-plugin · GitHub
      - Review needed
    - PR-7288 - Support gz content viewing
      - Needs extension point, low priority
    - PR-7078 - Margins for help text paragraphs and headers
      - Needs review since Tim made fixes to improve the pull request
  - Azure VM agents
    - Allow VM templates to be copied Allow copying existing agent template by timja · Pull Request #591 · jenkinsci/azure-vm-agents-plugin · GitHub
      - Presents a simpler UI by presenting a list without requiring typing
      - Design library issue to unify the autocompletion combo-box (already in design library)
        
        Simplify in the future, have a flag to switch between them
    - Autocomplete in Jenkins core needs to accept parameters
      - Needed for Add autocomplete for VM sizes by timja · Pull Request #580 · jenkinsci/azure-vm-agents-plugin · GitHub
  - IntelliJ development experience improvement
    - Easy to try both of them with a local copy
      - Test with gradle from a local copy of the pull request
    - Revamp jelly autocomplete suggestions
    - Jelly symbols autocomplete
  - Upcoming design library change
    - Revamp the documentation in PR

Topic	Replies	Views
User Experience SIG - November 6, 2024 UX SIG meeting	12	November 7, 2024
User Experience SIG - June 19, 2024 UX SIG meeting , sig-ux	36	June 20, 2024
User Experience SIG - December 7, 2022 UX SIG meeting , sig-ux	449	December 12, 2022
User Experience SIG - May 22, 2024 UX SIG meeting , sig-ux	76	May 25, 2024
User Experience SIG - September 11, 2024 UX SIG meeting , sig-ux	32	September 11, 2024

User Experience SIG - December 4, 2024

Dec 4, 2024

Related topics