Changelog

2.562

April 27, 2026
The Jenkins MSI installer is now signed by "LF Open Source, LLC" using the Microsoft Artifact Signing Service. The change causes the Edge browser on Windows to report that the file is not commonly downloaded. Users need to select "Keep anyway" to download the installer.
When running the Jenkins MSI installer with the new signature, Windows SmartScreen reports "Microsoft Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.". Users need to select "More info" to advance to the next screen and then select "Run anyway". A blog post provides screenshots and more details.
The Microsoft support forum says that Microsoft Smartscreen will stop prompting users once there are enough installations to increase its reputation score.
Enhancement
  • Stop signing the war file with jarsigner. Rely on the GPG signature to verify publisher identity. pull 26708

2.561

April 21, 2026
Bug fix
  • Fix parameterised pipeline build triggering. pull 26685

2.560

April 20, 2026
Enhancement
  • Adopt experimental App Bar API for jobs pull 26510
  • Avoid unnecessary copy of all loaded builds in AbstractLazyLoadRunMap.getLoadedBuilds(). pull 26636
  • Refine the 'Users' Manage Jenkins page pull 26475
  • Deprecate CheckMethod#toCheckUrl method, which generates a JS expression, and does not work with CSP enabled. pull 26638
Bug fix
  • Prevent selecting an autocomplete suggestion submitting the configuration form (regression in 2.556). pull 26646
  • Restore warnings in the update site warnings monitor (regression in 2.558). pull 26644
  • Fix console card breaking layout in experimental build view pull 26663
  • Use correct views tab bar in new dashboard page respecting user preferences pull 26640
  • Keep the Duplicate Jenkins checker enabled when saving the global configuration (regression in 2.549). pull 26631

2.559

April 13, 2026
Enhancement
  • Refine appearance of dialogs pull 26514
  • Improve queue maintenance performance for jobs with large build histories pull 26597
Bug fix
  • Update dependency org.apache.ant:ant to v1.10.17 to resolve regression issue due to v1.10.16 pull 26611
  • Fix Windows null pointer exception due to Apache Ant 1.10.16 (regression in 2.558). pull 26606
  • Remove lines from log recorder page. pull 26598
  • Render links to nodes and clouds correctly in the context menu (regression). pull 26583
  • Use the correct URL in delete dialogs invoked from the cloud context menu (regression in 2.556). pull 26593

2.558

April 5, 2026
Enhancement
  • Refine how administrative monitors are displayed pull 26417
  • Deduplicate build causes in queue tooltip and build overview. pull 26392
  • Use a dialog to add/edit the description of jobs, builds, views, computers, ... pull 26535
Bug fix
  • Ensure cancel button for queued jobs doesn't move when other badges are present. pull 26564

2.557

March 30, 2026
Enhancement
  • Refine experimental Run overflow menu. pull 26524
Bug fix
  • Fix wrong permission for description button in new build page. pull 26548
  • Fix multibranch Pipeline scan from parent folder (regression). pull 26517
  • Fix legacy context menu items not working. pull 26525
  • Fix delete button being missing and actions showing when they shouldn't be (regression in 2.556). pull 26526
  • Fix breadcrumb heading label. pull 26523

2.556

March 23, 2026
Enhancement
  • Upgrade to Spring Security 7. pull 11304
  • Upgrade to Spring Framework 7. pull 11292
  • Refine Third Party Licences page. pull 26476
  • Remove maximum width of sections. pull 26435
  • Introduce experimental API for adding actions to experimental Run UI. pull 11204
  • Added Turkish translations to setup wizard. pull 26426
  • Explain prepending additional values to environment variables with BASE+EXTRA in the online help for nodes. JENKINS-41492
Bug fix
  • Use standard size node icon even with long node names. pull 26486

2.555

March 18, 2026
Security

2.554

March 7, 2026
Enhancement
  • Adapt Script Console for experimental Manage Jenkins UI pull 11333
  • Refine legacy Add button for repeatable lists pull 26352
Bug fix
  • Fix keyboard navigation scrolling in dropdowns pull 26358
  • Partially revert optimisation in RunMap that causes issues when reloading pull 26399

2.553

March 2, 2026
Bug fix
  • Restore unsaved changes warning in the new Manage Jenkins UI. pull 26314

2.552

February 24, 2026
Enhancement
  • Update Jenkins CLI's subpages to use experimental Manage Jenkins UI pull 26316
  • Revamp Clouds page pull 26315
  • Add experimental Plugin Manager UI pull 11332
Bug fix
  • Fix estimated build number in Build History widget pull 26355
  • Redirect to the correct URL when creating log recorders with nonASCII names. JENKINS-26318
  • Do not fail builds when the tool installation directory is readonly. JENKINS-16005
  • Don't validate input fields when they are disabled pull 26298
  • Fix link to polling log of upstream build caused by an SCM trigger after a Jenkins restart pull 26291
  • Prevent afterDisconnect() from being called twice when an agent disconnects JENKINS-35272
  • Add support for combobox and autocomplete in dialogs pull 26326

2.551

February 18, 2026
Security

2.550

February 9, 2026
Enhancement
Bug fix
  • Fix progressive rendering progress calculation pull 26235
  • Avoid that when copying a cloud anything else than the name is changed pull 26260
  • Make redirects to documentation on www.jenkins.io work in the builtin administrative monitors when using Chrome and enforcing Content Security Policy. pull 26207
  • Do not compute the CSP header if it's completely disabled using the Java system property jenkins.security.csp.CspHeader.headerName in case computation takes too long. pull 26255

2.549

February 1, 2026
Enhancement
  • Add telemetry for password field masking. pull 26195
  • Clarify UI label when configuring Content Security Policy. pull 26198
  • Minor refinement of dropdowns and empty states. pull 26189
Bug fix
  • Fix shutdown banner visibility on Plugin Manager pages when preparing for shutdown pull 26234
  • Fix a 404 error when clicking plugin names on the “License and dependency information for plugins” page. pull 26029
  • Fix exception message being logged in rare cases on views with keyboard shortcut indicators. pull 26214
  • Fix primary button text color in administrative monitors. pull 26212

2.548

January 25, 2026
Major bug fix
  • Submitting a form would in rare cases, lead to an error (Got type array but no lister class found for type...) JENKINS-76249
Enhancement
  • Add online help for the “Remove last build” build discarder option. pull 26153
  • API tokens with expiration date pull 23859
Bug fix
  • Fix temporary offline state of computer is lost on config submit pull 26154
  • Fix sidebar navigation for nonASCII localized section headers. pull 26068

2.547

January 19, 2026
Enhancement
  • * Use display name in directory browser breadcrumb. pull 25924
Bug fix
  • Fix false "Build Scheduled" notification when attempting to build branch jobs in disabled multibranch projects pull 26117
  • Hide build buttons in Multibranch branch/PR jobs when the Multibranch or organization folder is disabled pull 26131
  • Fix cloud URL when using experimental settings redesign pull 26107

2.546

January 12, 2026
Bug fix
  • Fix category headers showing as raw HTML on New Item page. pull 26056

2.545

January 5, 2026
Major enhancement
Enhancement
  • Add telemetry for Java properties. pull 26038
  • Bump the minimum supported remoting.jar version to 3176.v207ec082a_8c0 pull 26034
Bug fix
  • Prevent race condition during initial administrator account creation. pull 26036
  • Avoid NPE in Job#getLastBuildsOverThreshold pull 26005
  • Use rootURL in Cloud sidepanel so links in actions work properly. pull 26004

2.544

December 29, 2025
Enhancement
Bug fix
  • * Display a brief message on update site signature verification failure instead of showing a stack trace. JENKINS-75905

2.543

December 23, 2025
A new GPG signing key is used for the Jenkins weekly Linux packages: 5E386EADB55F01504CAE8BCF7198F4B714ABFC68
Follow the instructions in the Linux package signing blog post to install the new public key on your computer.
Enhancement
  • No longer include the client IP address in CSRF protection token ("crumb") calculation. Effectively, the behavior is the same as if the (now removed) "Enable proxy compatibility" option were always checked. pull 25918
  • Show a warning to administrators who set the hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID flag, informing them of the further reduced safety, and the option's planned future removal. pull 25918
Bug fix
  • Fix console log copy button for freestyle projects that have finished (regression in 2.493). pull 25953
  • Allow large forms to be submitted (regression in 2.531). pull 25968

2.542

December 15, 2025
Enhancement
  • Add telemetry for Content Security Policy enforcement. pull 23901
  • Enables the Overall/Manage permission by default. This permission when granted to users allows them to configure certain parts of Jenkins' global configuration without the ability to execute arbitrary code. pull 23873
  • Truncate verbose queue blockage messages to show maximum 5 reasons with "... and N more" suffix. JENKINS-45927
  • Allow entirely disabling CSP headers to work around unusual Jenkins configurations resulting in excessive HTTP response header lengths. pull 23915
  • Update Winstone to version 8.1026.v31def012a_f48 to increase the default maximum HTTP response header size to 32KB to account for very complex Content Security Policy headers. pull 25901
Bug fix
  • Fix NullPointerException in "ReverseBuildTrigger" when configuration has a missing threshold. JENKINS-39044

2.541

December 10, 2025
Security

2.540

December 2, 2025
Enhancement
  • Ignore casing in AvatarContributor#extractDomainFromUrl. pull 23865
  • Add X-Jenkins-ValidateButton-Callback (a JSON object with callback and arguments keys) as a replacement for the CSP incompatible script HTTP response header for f:validateButton. pull 20345
Bug fix
  • Show saved log recorders again (regression in 2.537). pull 23858
  • Fix incorrect handling of Content Security Policy inheritance chain for fetch directives. This could affect attempts to set *srcelemor *srcattr directives in CSP Plugin 2.x. pull 23855
  • Make "Change API Token" for legacy API tokens work when Content Security Policy is enforced and prohibits inline JavaScript. pull 20345

2.539

November 25, 2025
Major enhancement
Enhancement
  • Add rest API to create an agent from XML. pull 11229
Bug fix

2.538

November 18, 2025
Major bug fix

2.537

November 18, 2025
Starting with Jenkins 2.537, RedHat and openSUSE have the same RPM packages from the same unified repository at https://pkg.jenkins.io/rpm/. Users with an already installed prior version are transparently redirected when refreshing their repositories: https://pkg.jenkins.io/redhat/ and https://pkg.jenkins.io/opensuse/ both redirect to the new URL.

The old repositories are retained and allow to install older versions (<2.537) by using the following URLs: https://pkg.jenkins.io/redhat-legacy/ for RedHat distributions and https://pkg.jenkins.io/opensuse-legacy/ for openSUSE distributions.

Note for openSUSE users: the System V initialization scripts are removed for openSUSE installations (details in https://www.jenkins.io/blog/2022/03/25/systemd-migration/).

⚠️ There is a known bug introduced for openSUSE users: the autorefresh feature of the zypper repository is disabled and requires a zypper refresh command.
Enhancement
  • Add experimental Manage Jenkins layout. pull 11222
  • Performance improvement for queue item scheduling. pull 11293
  • Remove some very old extension list behaviors. pull 11225
  • Refine changes for the experimental Run UI. pull 11277
Major enhancement

2.536

November 11, 2025
Enhancement
  • Redesign the reorderable list component. pull 10186
  • Log a thread dump when a /health check exceeds the 10 second default timeout to help diagnose stuck requests. This timeout is configurable via the jenkins.health.HealthCheckAction.thresholdTimeout system property. pull 11266
  • Use the same styling for title bar mouseover effect. JENKINS-75990
Bug fix
  • Revert display:flex addition from the default panel-header CSS. pull 11272
  • Set the default enter delay for tooltips to 250ms. JENKINS-75892
  • Fix the ordering of the experimental Run UI tabs. pull 11236
  • Restore file fingerprint and project relationship actions to views. JENKINS-76275

2.535

November 4, 2025
Enhancement
  • Refine badges. pull 11254
  • Add ability to set default value for experimental flags via system property. JENKINS-76260
  • Remove duplicate built-in executor configuration from System configuration page. It now configures it on the built-in executor under Nodes instead. pull 11224
Bug fix
  • Ignore NoSuchFileException in FilePath#unzip. JENKINS-76192
  • Eliminate spurious CPU utilization in browser when idle. pull 11257
  • CasC items.yaml now loads after the SYSTEM_CONFIG_ADAPTED milestone is completed. pull 11234
  • Fix toggle collapse in Chrome to prevent 404 errors. JENKINS-76118
  • Fix MyViewsProperty condition. pull 11252

2.534

October 28, 2025
Major enhancement
Enhancement

2.533

October 21, 2025
Enhancement
Bug fix
  • Avoid stack overflow to prevent excessive work being performed when loading builds from disk. This could cause an error when using the Maven and Naginator plugins and the experimental build UI. JENKINS-76202
Changelogs of historical releases can be found in the changelog archive.