Merge branch 'master' into new-reorderable-list

.gitpod/Dockerfile

@@ -1,6 +1,6 @@
 FROM gitpod/workspace-full
 
-ARG MAVEN_VERSION=3.9.8
+ARG MAVEN_VERSION=3.9.9
 
 RUN brew install gh && \
     bash -c ". /home/gitpod/.sdkman/bin/sdkman-init.sh && sdk install maven ${MAVEN_VERSION} && sdk default maven ${MAVEN_VERSION}"

CONTRIBUTING.md

@@ -14,8 +14,6 @@ This page provides information about contributing code to the Jenkins core codeb
    - Apache Maven 3.8.1 or above. You can [download Maven here](https://maven.apache.org/download.cgi).
      In the Jenkins project we usually use the most recent Maven release.
    - Any IDE which supports importing Maven projects.
-   - Install [Node.js 20.x](https://nodejs.org/en/). **Note:** only needed to work on the frontend assets found in the `war` module.
-     - Frontend tasks are run using [yarn](https://yarnpkg.com/). Run `npm install -g yarn` to install it.
 4. Set up your development environment as described in [Preparing for Plugin Development](https://www.jenkins.io/doc/developer/tutorial/prepare/)
 
 If you want to contribute to Jenkins, or just learn about the project,
@@ -28,6 +26,8 @@ You can find them by using this query (check the link) for [newbie friendly issu
 The Jenkins core build flow is built around Maven.
 You can read a description of the [building and debugging process here](https://www.jenkins.io/doc/developer/building/).
 
+### Building the WAR file
+
 If you want simply to build the `jenkins.war` file as fast as possible without tests, run:
 
 ```sh
@@ -40,28 +40,46 @@ If you want to debug the WAR file without using Maven plugins,
 You can run the executable with [Remote Debug Flags](https://stackoverflow.com/questions/975271/remote-debugging-a-java-application)
 and then attach IDE Debugger to it.
 
-To launch a development instance, after the above command, run:
+### Launching a development instance
+
+To launch a development instance, after [building the WAR file](#building-the-war-file), run:
 
 ```sh
-mvn -pl war jetty:run
+MAVEN_OPTS='--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED' mvn -pl war jetty:run
 ```
 
 (Beware that `maven-plugin` builds will not work in this mode, due to class loading conflicts.)
 
+### Running the Yarn frontend build
+
+To run the Yarn frontend build, after [building the WAR file](#building-the-war-file), add the downloaded versions of Node and Yarn to your path:
+
+```sh
+export PATH=$PWD/war/node:$PWD/war/node/yarn/dist/bin:$PATH
+```
+
+Then you can run Yarn with e.g.
+
+```sh
+cd war
+yarn
+```
+
 ### Building frontend assets
 
 To work on the `war` module frontend assets, two processes are needed at the same time:
 
 On one terminal, start a development server that will not process frontend assets:
 
 ```sh
-mvn -pl war jetty:run -Dskip.yarn
+MAVEN_OPTS='--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED' mvn -pl war jetty:run -Dskip.yarn
 ```
 
-On another terminal, move to the war folder and start a [webpack](https://webpack.js.org/) dev server:
+On another terminal, move to the `war` folder and start a [webpack](https://webpack.js.org/) dev server, after [adding Node and Yarn to your path](#running-the-yarn-frontend-build):
 
 ```sh
-cd war; yarn start
+cd war
+yarn start
 ```
 
 ### Gitpod
@@ -86,11 +104,24 @@ For linting we use a number of tools:
 
 These are all configured to run as part of the Maven build, although they will be skipped if you are building with the `quick-build` profile.
 
-To automatically fix most issues run:
+To automatically fix backend issues, run:
 
-```bash
+```sh
 mvn spotless:apply
-mvn -pl war frontend:yarn -Dfrontend.yarn.arguments=lint:fix
+```
+
+To view frontend issues, after [adding Node and Yarn to your path](#running-the-yarn-frontend-build), run:
+
+```sh
+cd war
+yarn lint
+```
+
+To fix frontend issues, after [adding Node and Yarn to your path](#running-the-yarn-frontend-build), run:
+
+```sh
+cd war
+yarn lint:fix
 ```
 
 ## Testing changes
@@ -111,14 +142,6 @@ In addition to the included tests, you can also find extra integration and UI
 tests in the [Acceptance Test Harness (ATH)](https://github.com/jenkinsci/acceptance-test-harness) repository.
 If you propose complex UI changes, you should create new ATH tests for them.
 
-### JavaScript unit tests
-
-In case there's only need to run the JS tests:
-
-```sh
-cd war; yarn test
-```
-
 ## Proposing Changes
 
 The Jenkins project source code repositories are hosted at GitHub.

ath.sh

@@ -6,7 +6,7 @@ set -o xtrace
 cd "$(dirname "$0")"
 
 # https://github.com/jenkinsci/acceptance-test-harness/releases
-export ATH_VERSION=5929.v295db_5f04eb_1
+export ATH_VERSION=5957.v7c0e2f7ca_63e
 
 if [[ $# -eq 0 ]]; then
 	export JDK=17

bom/pom.xml

@@ -39,8 +39,7 @@ THE SOFTWARE.
 
   <properties>
     <commons-fileupload2.version>2.0.0-M2</commons-fileupload2.version>
-    <slf4jVersion>2.0.16</slf4jVersion>
-    <stapler.version>1894.v82b_2fb_35519d</stapler.version>
+    <stapler.version>1896.v8170998149d0</stapler.version>
     <groovy.version>2.4.21</groovy.version>
   </properties>
 
@@ -53,18 +52,25 @@ THE SOFTWARE.
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.slf4j</groupId>
+        <artifactId>slf4j-bom</artifactId>
+        <version>2.0.16</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
       <dependency>
         <groupId>org.springframework</groupId>
         <artifactId>spring-framework-bom</artifactId>
-        <version>5.3.37</version>
+        <version>5.3.39</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
       <dependency>
         <!-- https://docs.spring.io/spring-security/site/docs/5.5.4/reference/html5/#getting-maven-no-boot -->
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-bom</artifactId>
-        <version>5.8.13</version>
+        <version>5.8.14</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -82,7 +88,7 @@ THE SOFTWARE.
       <dependency>
         <groupId>com.google.guava</groupId>
         <artifactId>guava</artifactId>
-        <version>33.2.1-jre</version>
+        <version>33.3.0-jre</version>
       </dependency>
       <dependency>
         <!-- Overriding Stapler’s 1.1.3 version to diagnose JENKINS-20618: -->
@@ -183,7 +189,7 @@ THE SOFTWARE.
       <dependency>
         <groupId>org.apache.ant</groupId>
         <artifactId>ant</artifactId>
-        <version>1.10.14</version>
+        <version>1.10.15</version>
       </dependency>
       <dependency>
         <groupId>org.apache.commons</groupId>
@@ -351,32 +357,11 @@ THE SOFTWARE.
         <artifactId>jcifs</artifactId>
         <version>1.3.18-kohsuke-1</version>
       </dependency>
-      <dependency>
-        <groupId>org.slf4j</groupId>
-        <artifactId>jcl-over-slf4j</artifactId>
-        <version>${slf4jVersion}</version>
-      </dependency>
-      <dependency>
-        <groupId>org.slf4j</groupId>
-        <artifactId>log4j-over-slf4j</artifactId>
-        <version>${slf4jVersion}</version>
-      </dependency>
-      <dependency>
-        <!-- SLF4J used in maven-plugin and possibly others -->
-        <groupId>org.slf4j</groupId>
-        <artifactId>slf4j-api</artifactId>
-        <version>${slf4jVersion}</version>
-      </dependency>
-      <dependency>
-        <groupId>org.slf4j</groupId>
-        <artifactId>slf4j-jdk14</artifactId>
-        <version>${slf4jVersion}</version>
-      </dependency>
       <dependency>
         <!-- provided by jcl-over-slf4j -->
         <groupId>commons-logging</groupId>
         <artifactId>commons-logging</artifactId>
-        <version>1.3.3</version>
+        <version>1.3.4</version>
         <scope>provided</scope>
       </dependency>
     </dependencies>

cli/src/main/java/hudson/cli/CLI.java

@@ -32,6 +32,7 @@
 import jakarta.websocket.ClientEndpointConfig;
 import jakarta.websocket.Endpoint;
 import jakarta.websocket.EndpointConfig;
+import jakarta.websocket.HandshakeResponse;
 import jakarta.websocket.Session;
 import java.io.DataInputStream;
 import java.io.File;
@@ -64,6 +65,7 @@
 import org.glassfish.tyrus.client.ClientManager;
 import org.glassfish.tyrus.client.ClientProperties;
 import org.glassfish.tyrus.client.SslEngineConfigurator;
+import org.glassfish.tyrus.client.exception.DeploymentHandshakeException;
 import org.glassfish.tyrus.container.jdk.client.JdkClientContainer;
 
 /**
@@ -340,13 +342,19 @@ public void onOpen(Session session, EndpointConfig config) {}
         }
 
         class Authenticator extends ClientEndpointConfig.Configurator {
+            HandshakeResponse hr;
             @Override
             public void beforeRequest(Map<String, List<String>> headers) {
                 if (factory.authorization != null) {
                     headers.put("Authorization", List.of(factory.authorization));
                 }
             }
+            @Override
+            public void afterResponse(HandshakeResponse hr) {
+                this.hr = hr;
+            }
         }
+        var authenticator = new Authenticator();
 
         ClientManager client = ClientManager.createClient(JdkClientContainer.class.getName()); // ~ ContainerProvider.getWebSocketContainer()
         client.getProperties().put(ClientProperties.REDIRECT_ENABLED, true); // https://tyrus-project.github.io/documentation/1.13.1/index/tyrus-proprietary-config.html#d0e1775
@@ -357,7 +365,21 @@ public void beforeRequest(Map<String, List<String>> headers) {
             sslEngineConfigurator.setHostnameVerifier((s, sslSession) -> true);
             client.getProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator);
         }
-        Session session = client.connectToServer(new CLIEndpoint(), ClientEndpointConfig.Builder.create().configurator(new Authenticator()).build(), URI.create(url.replaceFirst("^http", "ws") + "cli/ws"));
+        Session session;
+        try {
+            session = client.connectToServer(new CLIEndpoint(), ClientEndpointConfig.Builder.create().configurator(authenticator).build(), URI.create(url.replaceFirst("^http", "ws") + "cli/ws"));
+        } catch (DeploymentHandshakeException x) {
+            System.err.println("CLI handshake failed with status code " + x.getHttpStatusCode());
+            if (authenticator.hr != null) {
+                for (var entry : authenticator.hr.getHeaders().entrySet()) {
+                    // org.glassfish.tyrus.core.Utils.parseHeaderValue improperly splits values like Date at commas, so undo that:
+                    System.err.println(entry.getKey() + ": " + String.join(", ", entry.getValue()));
+                }
+                // UpgradeResponse.getReasonPhrase is useless since Jetty generates it from the code,
+                // and the body is not accessible at all.
+            }
+            return 15; // compare CLICommand.main
+        }
         PlainCLIProtocol.Output out = new PlainCLIProtocol.Output() {
             @Override
             public void send(byte[] data) throws IOException {

core/src/main/java/hudson/lifecycle/Lifecycle.java

@@ -329,7 +329,7 @@ public boolean supportsDynamicLoad() {
     /**
      * Called when Jenkins has failed to boot.
      * @param problem a boot failure (could be {@link JenkinsReloadFailed})
-     * @since TODO
+     * @since 2.469
      */
     public void onBootFailure(BootFailure problem) {
     }

core/src/main/java/hudson/model/AbstractProject.java

@@ -1934,11 +1934,6 @@ public boolean isApplicable(Descriptor descriptor) {
             return true;
         }
 
-        @Restricted(DoNotUse.class)
-        public FormValidation doCheckDisplayNameOrNull(@AncestorInPath AbstractProject project, @QueryParameter String value) {
-            return Jenkins.get().doCheckDisplayName(value, project.getName());
-        }
-
         @Restricted(DoNotUse.class)
         public FormValidation doCheckAssignedLabelString(@AncestorInPath AbstractProject<?, ?> project,
                                                          @QueryParameter String value) {

core/src/main/java/hudson/model/TopLevelItemDescriptor.java

@@ -27,6 +27,7 @@
 import edu.umd.cs.findbugs.annotations.CheckForNull;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import hudson.ExtensionList;
+import hudson.util.FormValidation;
 import java.io.StringWriter;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -37,7 +38,11 @@
 import org.jenkins.ui.icon.Icon;
 import org.jenkins.ui.icon.IconSet;
 import org.jenkins.ui.icon.IconSpec;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.MetaClass;
+import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.WebApp;
@@ -286,4 +291,8 @@ public static ExtensionList<TopLevelItemDescriptor> all() {
         return Items.all();
     }
 
+    @Restricted(NoExternalUse.class)
+    public FormValidation doCheckDisplayNameOrNull(@AncestorInPath TopLevelItem item, @QueryParameter String value) {
+        return Jenkins.get().doCheckDisplayName(value, item.getName());
+    }
 }

core/src/main/java/hudson/model/listeners/ItemListener.java

@@ -101,7 +101,7 @@ public void onLoaded() {
      * @param item the item being deleted
      * @throws Failure to veto the operation.
      * @throws InterruptedException If a blocking condition was interrupted, also vetoing the operation.
-     * @since TODO
+     * @since 2.470
      */
     public void onCheckDelete(Item item) throws Failure, InterruptedException {
     }

core/src/main/java/hudson/security/ACL.java

@@ -237,7 +237,7 @@ public final void checkCreatePermission(@NonNull ItemGroup c,
         }
         if (!hasCreatePermission2(a, c, d)) {
             throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
-                    Item.CREATE.group.title + "/" + Item.CREATE.name + Item.CREATE + "/" + d.getDisplayName()));
+                    Item.CREATE.group.title + "/" + Item.CREATE.name + "/" + d.getDisplayName()));
         }
     }
     /**
@@ -290,7 +290,7 @@ public final void checkCreatePermission(@NonNull ViewGroup c,
         }
         if (!hasCreatePermission2(a, c, d)) {
             throw new AccessDeniedException(Messages.AccessDeniedException2_MissingPermission(a.getName(),
-                    View.CREATE.group.title + "/" + View.CREATE.name + View.CREATE + "/" + d.getDisplayName()));
+                    View.CREATE.group.title + "/" + View.CREATE.name + "/" + d.getDisplayName()));
         }
     }
 

core/src/main/java/hudson/slaves/JNLPLauncher.java

@@ -213,9 +213,7 @@ private String getRemotingOptions(String computerName) {
         sb.append("-name ");
         sb.append(computerName);
         sb.append(' ');
-        if (isWebSocket()) {
-            sb.append("-webSocket ");
-        }
+        sb.append("-webSocket ");
         if (tunnel != null) {
             sb.append(" -tunnel ");
             sb.append(tunnel);

core/src/main/java/hudson/tasks/ArtifactArchiver.java

@@ -389,7 +389,9 @@ public boolean isApplicable(Class<? extends AbstractProject> jobType) {
                             if (bd instanceof LogRotator) {
                                 LogRotator lr = (LogRotator) bd;
                                 if (lr.getArtifactNumToKeep() == -1) {
-                                    p.setBuildDiscarder(new LogRotator(lr.getDaysToKeep(), lr.getNumToKeep(), lr.getArtifactDaysToKeep(), 1));
+                                    LogRotator newLr = new LogRotator(lr.getDaysToKeep(), lr.getNumToKeep(), lr.getArtifactDaysToKeep(), 1);
+                                    newLr.setRemoveLastBuild(lr.isRemoveLastBuild());
+                                    p.setBuildDiscarder(newLr);
                                 } else {
                                     LOG.log(Level.WARNING, "will not clobber artifactNumToKeep={0} in {1}", new Object[] {lr.getArtifactNumToKeep(), p});
                                 }