Changelog for 2.249.1

Legend:

security fix
major bug fix
bug fix
major enhancement
enhancement

Community feedback:

no major issues
notable issues
required rollback

What's new in 2.249.1 (2020-09-09)

Changes since 2.249:

Important security fixes from Jenkins 2.252 and 2.235.4. (security advisory)
Stop pre-formatting agent logs to prevent deadlocks (regression in 2.231). (issue 63458)
Fix button that copies API token to clipboard (regression in 2.238). (issue 63274)
Restore wrapping tabs into multiple lines instead of overflowing (regression in 2.248). (issue 63180)
Normalize widget colors to be consistent with the new color palette. (Fixes bread crumbs flash in Dark Theme)
Empty installed plugins table text is readable again (regression in 2.249). (issue 63276)
Show build time data in the Build Time Trend Page (regression in 2.245). (issue 63232)
Replace text references to slave with agent in Japanese documentation and messages. (issue 63166)
Fix backspace key sometimes did not delete text from the Script Console on a Mac (regression in 2.248). (issue 63342)
Fix regular expression validator UI location (regression in 2.244). (issue 63308)
Prevent concurrent build deletion. (issue 61687)

Notable changes since 2.235.5:

Release 'alpha' dark theme. (issue 60924 , pull 4752, issue 62515 , pull 4763, pull 4772, pull 4814, pull 4842, pull 4843, Dark Theme repository, Introducing the Jenkins Dark Theme)
Stop supporting .NET Framework 2.0 for launching Jenkins server and agents as a Windows service. .NET Framework 4.0 or above is now required. (announcement, upgrade guidelines, issue 60005 , issue 61862 , Windows support policy)
Update Windows Service Wrapper (WinSW) from 2.3.0 executable for .NET Framework 2.0 to 2.9.0 for .NET Framework 4.0. Includes numerous improvements and bugfixes. Most notably, the service installer will now ask for permission elevation if the required. (changes summary, full WinSW changelog, Windows Agent Installer 2.0 changelog)
Show in plugin manager when newer releases of plugins exist but aren't being offered due to unsatisfied requirements. Show warnings for deprecated plugins in the update manager and administrative monitors. (pull 4073, issue 59136 , pull 4742, issue 62332 )
Provide a more modern look and feel for the Jenkins UI. (issue 62698 , pull 4808, issue 61973 , pull 4700, issue 62750 , pull 4816, issue 56109 , pull 4820, issue 63002 , pull 4835, Configuration UI Accessibility: Tables to Divs migration, pull 4782, issue 4767 , issue 62175 )
Remove page generation timestamp from the footer. (issue 61806)
Allow users with Overall/Manage permission to configure Node Monitoring and to reload configuration from disk. (issue 62264 , pull 4724, issue 61458 , pull 4728)
Add system read support for 'Node Monitoring Configuration', configuring clouds, viewing agent configuration, system information, and logs. (issue 61206)
Support Bearer tokens in Jenkins-CLI -auth parameter. (pull 4673)
Security hardening: Always round-trip password form control values in an encrypted form, even if not backed by an encrypted Secret field. In case of problems, this can be disabled by setting the system property hudson.util.Secret.AUTO_ENCRYPT_PASSWORD_CONTROL to false on startup. (issue 61808)
Security hardening: Always use a placeholder value for password form control values in item related configuration forms when the user is missing Item/Configure permission, even if not backed by an encrypted Secret field. In case of problems, this can be disabled by setting the system property hudson.util.Secret.BLANK_NONSECRET_PASSWORD_FIELDS_WITHOUT_ITEM_CONFIGURE to false. (issue 61808)
Fix the default domain name in Windows service serviceaccount configurations. (issue 12660 , Windows Service Wrapper 2.7.0 changelog)
Update Winstone from 5.9 to 5.10. Update Jetty from 9.4.27.v20200227 to 9.4.30.v20200611. Add --httpsRedirectHttp option that activates automatic HTTP request redirects to HTTPs. (pull 4811, 9.4.28.v20200408 changelog, 9.4.29.v20200521 changelog, 9.4.30.v20200611 changelog)
Fix --httpKeepAliveTimeout option which had no effect (regression in 2.224). (issue 61823)
Update Stapler from 1.259 to 1.260. (issue 61438 , pull 4813, Stapler 1.260 changelog)
Add the ability to filter out environment variables for Shell and Windows batch build steps. (issue 62014)
Fix IllegalArgumentException: Method not found error caused by misbehaviour in Util.isOverridden() (regression in 2.241). (issue 62723)
Remove the fallback Jenkins URL from the JNLP launch file so that WebSocket agents can be connected over Java Web Start. (issue 63014)
Allow fingerprint storage engine to be selected from the configuration page. Add new external fingerprint storage API methods. (pull 4834, issue 62345 , pull 4731, JEP-226, Fingerprint API Javadoc, Redis reference implementation)
Developer: Add alert-success banner. (issue 62747)
Developer: Add new extension points to define build step environment filters (currently in beta). (issue 62014)
Internal: Upgrade to Remoting 4.5. This switches agent.jar and remoting.jar to a code-signing certificate owned by the CDF. (pull 4832, Remoting 4.4 changelog, Remoting 4.5 changelog)