From b5c3764681f3b4ce83d0e78f6a9327925640d57e Mon Sep 17 00:00:00 2001
From: Kevin-CB <kguerroudj@cloudbees.com>
Date: Tue, 21 Dec 2021 13:22:35 +0000
Subject: [PATCH 01/12] [SECURITY-2558]

---
 .../hudson/model/BuildAuthorizationToken.java |  4 --
 .../hudson/model/AbstractProjectTest.java     | 12 +++-
 .../BuildAuthorizationTokenSEC2558Test.java   | 70 +++++++++++++++++++
 .../model/ParameterizedJobMixInTest.java      | 19 ++++-
 4 files changed, 95 insertions(+), 10 deletions(-)
 create mode 100644 test/src/test/java/hudson/model/BuildAuthorizationTokenSEC2558Test.java

diff --git a/core/src/main/java/hudson/model/BuildAuthorizationToken.java b/core/src/main/java/hudson/model/BuildAuthorizationToken.java
index 43563b6f4611..5ab6283cfbb4 100644
--- a/core/src/main/java/hudson/model/BuildAuthorizationToken.java
+++ b/core/src/main/java/hudson/model/BuildAuthorizationToken.java
@@ -28,7 +28,6 @@
 import hudson.security.ACL;
 import java.io.IOException;
 import javax.servlet.http.HttpServletResponse;
-import jenkins.model.Jenkins;
 import jenkins.security.ApiTokenProperty;
 import org.kohsuke.stapler.HttpResponses;
 import org.kohsuke.stapler.StaplerRequest;
@@ -67,9 +66,6 @@ public static BuildAuthorizationToken create(StaplerRequest req) {
     }
 
     public static void checkPermission(Job<?,?> project, BuildAuthorizationToken token, StaplerRequest req, StaplerResponse rsp) throws IOException {
-        if (!Jenkins.get().isUseSecurity())
-            return;    // everyone is authorized
-
         if(token!=null && token.token != null) {
             //check the provided token
             String providedToken = req.getParameter("token");
diff --git a/test/src/test/java/hudson/model/AbstractProjectTest.java b/test/src/test/java/hudson/model/AbstractProjectTest.java
index 5457cdfc1307..5d5858cf1ae2 100644
--- a/test/src/test/java/hudson/model/AbstractProjectTest.java
+++ b/test/src/test/java/hudson/model/AbstractProjectTest.java
@@ -355,17 +355,23 @@ public void queueSuccessBehaviorOverHTTP() throws Exception {
         JenkinsRule.WebClient wc = j.createWebClient()
                 .withThrowExceptionOnFailingStatusCode(false);
 
-        WebResponse rsp = wc.goTo(p.getUrl() + "build", null).getWebResponse();
+        WebResponse rsp = wc.getPage(wc.addCrumb(new WebRequest(new URL(j.getURL(),p.getUrl() +
+                "build?delay=0")
+                ,HttpMethod.POST))).getWebResponse();
         assertEquals(HttpURLConnection.HTTP_CREATED, rsp.getStatusCode());
         assertNotNull(rsp.getResponseHeaderValue("Location"));
 
-        WebResponse rsp2 = wc.goTo(p.getUrl() + "build", null).getWebResponse();
+        WebResponse rsp2 = wc.getPage(wc.addCrumb(new WebRequest(new URL(j.getURL(),p.getUrl() +
+                "build?delay=0")
+                ,HttpMethod.POST))).getWebResponse();
         assertEquals(HttpURLConnection.HTTP_CREATED, rsp2.getStatusCode());
         assertEquals(rsp.getResponseHeaderValue("Location"), rsp2.getResponseHeaderValue("Location"));
 
         p.makeDisabled(true);
 
-        WebResponse rsp3 = wc.goTo(p.getUrl() + "build", null).getWebResponse();
+        WebResponse rsp3 = wc.getPage(wc.addCrumb(new WebRequest(new URL(j.getURL(),p.getUrl() +
+                "build?delay=0")
+                ,HttpMethod.POST))).getWebResponse();
         assertEquals(HttpURLConnection.HTTP_CONFLICT, rsp3.getStatusCode());
     }
 
diff --git a/test/src/test/java/hudson/model/BuildAuthorizationTokenSEC2558Test.java b/test/src/test/java/hudson/model/BuildAuthorizationTokenSEC2558Test.java
new file mode 100644
index 000000000000..6b4e2fe66d4d
--- /dev/null
+++ b/test/src/test/java/hudson/model/BuildAuthorizationTokenSEC2558Test.java
@@ -0,0 +1,70 @@
+package hudson.model;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.collection.IsCollectionWithSize.hasSize;
+import static org.junit.Assert.assertThrows;
+
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.WebRequest;
+import java.lang.reflect.Field;
+import java.net.URL;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+// The existing @Before is annoying so this class is independent
+// TODO : Using @Nested class could be more clean than using separate class
+// TODO : Merge back into BuildAuthorizationTokenTest
+public class BuildAuthorizationTokenSEC2558Test {
+
+    @Rule
+    public JenkinsRule jr = new JenkinsRule();
+
+    private static final String token = "whatever";
+
+    @Test
+    @Issue("SECURITY-2558")
+    public void triggerJobWithoutSecurityRealm_ShouldSucceed_WithPost() throws Exception {
+        FreeStyleProject project = createFreestyleProjectWithToken();
+        JenkinsRule.WebClient wc = jr.createWebClient();
+        wc.getPage(wc.addCrumb(new WebRequest(new URL(jr.getURL(), project.getUrl() +
+                "build?delay=0")
+                ,HttpMethod.POST)));
+        jr.waitUntilNoActivity();
+        assertThat("the project should have been built", project.getBuilds(), hasSize(1));
+    }
+
+    @Test
+    @Issue("SECURITY-2558")
+    public void triggerJobWithoutSecurityRealm_ShouldFail_WithGet() throws Exception {
+        FreeStyleProject project = jr.createFreeStyleProject();
+        JenkinsRule.WebClient wc = jr.createWebClient();
+        FailingHttpStatusCodeException fex = assertThrows(
+                "should not reach here since only POST request can",
+                FailingHttpStatusCodeException.class,
+                () -> wc.getPage(new WebRequest(new URL(jr.getURL(), project.getUrl() + "build?delay=0"), HttpMethod.GET)));
+        assertThat("Should fail with method not allowed", fex.getStatusCode(), is(405));
+    }
+
+    @Test
+    @Issue("SECURITY-2558")
+    public void triggerJobWithoutSecurityRealm_ButWithToken_ShouldSucceed_WithGet() throws Exception {
+        FreeStyleProject project = createFreestyleProjectWithToken();
+        JenkinsRule.WebClient wc = jr.createWebClient();
+        wc.getPage(new WebRequest(new URL(jr.getURL(), project.getUrl() + "build?delay=0&token=" + token)
+                ,HttpMethod.GET));
+        jr.waitUntilNoActivity();
+        assertThat("the project should have been built", project.getBuilds(), hasSize(1));
+    }
+
+    private FreeStyleProject createFreestyleProjectWithToken() throws Exception {
+        FreeStyleProject fsp = jr.createFreeStyleProject();
+        Field f = AbstractProject.class.getDeclaredField("authToken");
+        f.setAccessible(true);
+        f.set(fsp, new BuildAuthorizationToken(token));
+        return fsp;
+    }
+}
diff --git a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
index a5dccb9c8b9c..4f94a0b31a0d 100644
--- a/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
+++ b/test/src/test/java/jenkins/model/ParameterizedJobMixInTest.java
@@ -23,10 +23,18 @@
  */
 package jenkins.model;
 
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.assertThrows;
+
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.WebRequest;
 import hudson.model.FreeStyleProject;
 import hudson.model.ParametersDefinitionProperty;
 import hudson.model.Queue;
 import hudson.model.StringParameterDefinition;
+import java.net.URL;
 import javax.servlet.http.HttpServletResponse;
 import org.junit.Assert;
 import org.junit.Rule;
@@ -58,9 +66,14 @@ public void doBuildWithParameters_shouldFailWhenInvokingDisabledProject() throws
         final FreeStyleProject project = j.createFreeStyleProject();
         project.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("FOO", "BAR")));
         project.doDisable();
-        
+
         final JenkinsRule.WebClient webClient = j.createWebClient();
-        webClient.assertFails(project.getUrl() + "buildWithParameters", HttpServletResponse.SC_CONFLICT);
+
+        FailingHttpStatusCodeException fex = assertThrows(
+                "should fail when invoking disabled project",
+                FailingHttpStatusCodeException.class,
+                () -> webClient.getPage(webClient.addCrumb(new WebRequest(new URL(j.getURL(), project.getUrl() + "build?delay=0"), HttpMethod.POST))));
+        assertThat("Should fail with conflict", fex.getStatusCode(), is(409));
     }
 
     @Test
@@ -72,7 +85,7 @@ public void doBuildQuietPeriodInSeconds() throws Exception {
         project.setQuietPeriod(projectQuietPeriodInSeconds);
 
         final JenkinsRule.WebClient webClient = j.createWebClient();
-        webClient.goTo(project.getUrl() + "build", "");
+        webClient.getPage(webClient.addCrumb(new WebRequest(new URL(j.getURL(), project.getUrl() + "build"), HttpMethod.POST)));
         long triggerTime = System.currentTimeMillis();
 
         Queue.Item item = Jenkins.get().getQueue().getItem(1);

From f3cbfa898de04c1c520a1cb5d15b5834785465c4 Mon Sep 17 00:00:00 2001
From: Jenkins Release Bot
 <66998184+jenkins-release-bot@users.noreply.github.com>
Date: Tue, 11 Jan 2022 12:37:23 +0000
Subject: [PATCH 02/12] [maven-release-plugin] prepare release jenkins-2.329

---
 bom/pom.xml  | 2 +-
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/bom/pom.xml b/bom/pom.xml
index 44220df8b8af..7115a020375f 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.329</version>
   </parent>
 
   <artifactId>jenkins-bom</artifactId>
diff --git a/cli/pom.xml b/cli/pom.xml
index 8772f2658fc2..9140abe3d14e 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.329</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0b10a40a0d22..63126f36daaf 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.329</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index a48447ab85cb..b297a1e8fe59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.329</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -60,7 +60,7 @@ THE SOFTWARE.
   <scm>
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.329</tag>
     <url>https://github.com/jenkinsci/jenkins</url>
   </scm>
 
diff --git a/test/pom.xml b/test/pom.xml
index ad5cb291d233..b2280e0a81e7 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.329</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index e71473d30ca0..891f9bd06396 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.329</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>

From 1656ee796cad7662d8f0dda0650d047e8878b514 Mon Sep 17 00:00:00 2001
From: Jenkins Release Bot
 <66998184+jenkins-release-bot@users.noreply.github.com>
Date: Tue, 11 Jan 2022 12:38:19 +0000
Subject: [PATCH 03/12] [maven-release-plugin] prepare for next development
 iteration

---
 bom/pom.xml  | 2 +-
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 6 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/bom/pom.xml b/bom/pom.xml
index 7115a020375f..44220df8b8af 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.329</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-bom</artifactId>
diff --git a/cli/pom.xml b/cli/pom.xml
index 9140abe3d14e..8772f2658fc2 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.329</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 63126f36daaf..0b10a40a0d22 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.329</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index b297a1e8fe59..633d20d71df7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.329</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -60,7 +60,7 @@ THE SOFTWARE.
   <scm>
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
-    <tag>jenkins-2.329</tag>
+    <tag>${scmTag}</tag>
     <url>https://github.com/jenkinsci/jenkins</url>
   </scm>
 
@@ -70,7 +70,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.329</revision>
+    <revision>2.330</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index b2280e0a81e7..ad5cb291d233 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.329</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 891f9bd06396..e71473d30ca0 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.329</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>

From 90b1b76fd25ef4704d054df8abd9dee26ebfe748 Mon Sep 17 00:00:00 2001
From: Jenkins Release Bot
 <66998184+jenkins-release-bot@users.noreply.github.com>
Date: Tue, 11 Jan 2022 17:10:08 +0000
Subject: [PATCH 04/12] [maven-release-plugin] prepare release jenkins-2.330

---
 bom/pom.xml  | 2 +-
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 4 ++--
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/bom/pom.xml b/bom/pom.xml
index 44220df8b8af..48c77c9b3a1b 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.330</version>
   </parent>
 
   <artifactId>jenkins-bom</artifactId>
diff --git a/cli/pom.xml b/cli/pom.xml
index 8772f2658fc2..d41acbd47aec 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.330</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index 0b10a40a0d22..eb1f70e6eadc 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.330</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 633d20d71df7..4ca2644c870e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>2.330</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -60,7 +60,7 @@ THE SOFTWARE.
   <scm>
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
-    <tag>${scmTag}</tag>
+    <tag>jenkins-2.330</tag>
     <url>https://github.com/jenkinsci/jenkins</url>
   </scm>
 
diff --git a/test/pom.xml b/test/pom.xml
index ad5cb291d233..9cc759bd0acd 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.330</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index e71473d30ca0..78730b57a587 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>${revision}${changelist}</version>
+    <version>2.330</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>

From 05eda5221a313f09c4e69351c447d755b1ff1f1f Mon Sep 17 00:00:00 2001
From: Jenkins Release Bot
 <66998184+jenkins-release-bot@users.noreply.github.com>
Date: Tue, 11 Jan 2022 17:10:30 +0000
Subject: [PATCH 05/12] [maven-release-plugin] prepare for next development
 iteration

---
 bom/pom.xml  | 2 +-
 cli/pom.xml  | 2 +-
 core/pom.xml | 2 +-
 pom.xml      | 6 +++---
 test/pom.xml | 2 +-
 war/pom.xml  | 2 +-
 6 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/bom/pom.xml b/bom/pom.xml
index 48c77c9b3a1b..44220df8b8af 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.330</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-bom</artifactId>
diff --git a/cli/pom.xml b/cli/pom.xml
index d41acbd47aec..8772f2658fc2 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.330</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>cli</artifactId>
diff --git a/core/pom.xml b/core/pom.xml
index eb1f70e6eadc..0b10a40a0d22 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -29,7 +29,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.330</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-core</artifactId>
diff --git a/pom.xml b/pom.xml
index 4ca2644c870e..cecc91b5a761 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@ THE SOFTWARE.
 
   <groupId>org.jenkins-ci.main</groupId>
   <artifactId>jenkins-parent</artifactId>
-  <version>2.330</version>
+  <version>${revision}${changelist}</version>
   <packaging>pom</packaging>
 
   <name>Jenkins main module</name>
@@ -60,7 +60,7 @@ THE SOFTWARE.
   <scm>
     <connection>scm:git:git://github.com/jenkinsci/jenkins.git</connection>
     <developerConnection>scm:git:ssh://git@github.com/jenkinsci/jenkins.git</developerConnection>
-    <tag>jenkins-2.330</tag>
+    <tag>${scmTag}</tag>
     <url>https://github.com/jenkinsci/jenkins</url>
   </scm>
 
@@ -70,7 +70,7 @@ THE SOFTWARE.
   </issueManagement>
 
   <properties>
-    <revision>2.330</revision>
+    <revision>2.331</revision>
     <changelist>-SNAPSHOT</changelist>
 
     <!-- *.html files are in UTF-8, and *.properties are in iso-8859-1, so this configuration is actually incorrect,
diff --git a/test/pom.xml b/test/pom.xml
index 9cc759bd0acd..ad5cb291d233 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.330</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-test</artifactId>
diff --git a/war/pom.xml b/war/pom.xml
index 78730b57a587..e71473d30ca0 100644
--- a/war/pom.xml
+++ b/war/pom.xml
@@ -28,7 +28,7 @@ THE SOFTWARE.
   <parent>
     <groupId>org.jenkins-ci.main</groupId>
     <artifactId>jenkins-parent</artifactId>
-    <version>2.330</version>
+    <version>${revision}${changelist}</version>
   </parent>
 
   <artifactId>jenkins-war</artifactId>

From 76ed4199331db4cca5b013d9ab9f6923dff8bf67 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 12 Jan 2022 15:25:27 -0800
Subject: [PATCH 06/12] Bump `antisamy-markup-formatter` from 2.6 to 2.7
 (#6176)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 test/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/pom.xml b/test/pom.xml
index ad5cb291d233..7a6ea59d987b 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -130,7 +130,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>org.jenkins-ci.plugins</groupId>
       <artifactId>antisamy-markup-formatter</artifactId>
-      <version>2.6</version>
+      <version>2.7</version>
       <scope>test</scope>
     </dependency>
     <dependency>

From 0eed2e5678a177a27bb7ecbc432a708b0328b5f6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 12 Jan 2022 15:25:49 -0800
Subject: [PATCH 07/12] Bump `spotless-maven-plugin` from 2.19.1 to 2.19.2
 (#6174)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cecc91b5a761..ed12ddc264e9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -102,7 +102,7 @@ THE SOFTWARE.
     <bridge-method-injector.version>1.23</bridge-method-injector.version>
     <junit.jupiter.version>5.8.2</junit.jupiter.version>
     <mockito.version>4.2.0</mockito.version>
-    <spotless.version>2.19.1</spotless.version>
+    <spotless.version>2.19.2</spotless.version>
   </properties>
 
   <dependencyManagement>

From 0a19e462385afa281712aee6b7c43ba5efd7deb0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 12 Jan 2022 15:26:23 -0800
Subject: [PATCH 08/12] Bump `jenkins-test-harness` (#6173)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 test/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/pom.xml b/test/pom.xml
index 7a6ea59d987b..bf637e7d9117 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -83,7 +83,7 @@ THE SOFTWARE.
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>jenkins-test-harness</artifactId>
-      <version>1682.v4a_71b_f124ca_3</version>
+      <version>1690.vfcb_959006c07</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>

From cd6da0fae6a7af02cb0dcf903d6d7c9d54d0744d Mon Sep 17 00:00:00 2001
From: Daniel Beck <1831569+daniel-beck@users.noreply.github.com>
Date: Thu, 13 Jan 2022 00:26:39 +0100
Subject: [PATCH 09/12] Documentation is no longer in the wiki (#6171)

Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
---
 .../resources/jenkins/install/pluginSetupWizard.properties | 2 +-
 .../jenkins/install/pluginSetupWizard_fr.properties        | 3 ---
 .../jenkins/install/pluginSetupWizard_it.properties        | 7 -------
 .../jenkins/install/pluginSetupWizard_lt.properties        | 1 -
 .../jenkins/install/pluginSetupWizard_pl.properties        | 1 -
 .../jenkins/install/pluginSetupWizard_sr.properties        | 1 -
 .../jenkins/install/pluginSetupWizard_zh_CN.properties     | 1 -
 7 files changed, 1 insertion(+), 15 deletions(-)

diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
index d52a5fc22414..86fd3f21517f 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard.properties
@@ -46,7 +46,7 @@ installWizard_installCustom_selectNone=None
 installWizard_installCustom_selectRecommended=Suggested
 installWizard_installCustom_selected=Selected
 installWizard_installCustom_dependenciesPrefix=Dependencies
-installWizard_installCustom_pluginListDesc=Note that the full list of plugins is not shown here. Additional plugins can be installed in the <strong>Plugin Manager</strong> once the initial setup is complete. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">See the Wiki for more information</a>.
+installWizard_installCustom_pluginListDesc=Note that the full list of plugins is not shown here. Additional plugins can be installed in the <strong>Plugin Manager</strong> once the initial setup is complete. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">See the documentation for more information</a>.
 installWizard_goBack=Back
 installWizard_goInstall=Install
 installWizard_installing_title=Getting Started
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
index 1c56c9f84148..847c7993cdd8 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_fr.properties
@@ -24,9 +24,6 @@ installWizard_installCustom_selectNone=Aucun
 installWizard_installCustom_selectRecommended=Recommand\u00e9s
 installWizard_installCustom_selected=S\u00e9lectionn\u00e9s
 installWizard_installCustom_dependenciesPrefix=D\u00e9pendances
-installWizard_installCustom_pluginListDesc=Notez que la liste compl\u00e8te des plugins n\'est pas affich\u00e9e ici. \
-Des plugins additionnels peuvent \u00eatre install\u00e9s depuis le <strong>Plugin Manager</strong> une fois la \
-configuration initiale termin\u00e9e. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">Voir le Wiki pour plus d\'informations</a>.
 installWizard_goBack=Retour
 installWizard_goInstall=Installer
 installWizard_installing_title=Installation en cours...
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
index bf4b1141d3b7..fea9125c7255 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_it.properties
@@ -60,13 +60,6 @@ installWizard_installComplete_message=L''installazione di Jenkins 
 installWizard_installComplete_restartLabel=Riavvia
 installWizard_installComplete_title=Attivitā iniziali
 installWizard_installCustom_dependenciesPrefix=Dipendenze
-installWizard_installCustom_pluginListDesc=Si noti che qui non viene \
-  visualizzato l''elenco completo dei componenti aggiuntivi. Č possibile \
-  installare altri componenti aggiuntivi dal <strong>Gestore componenti \
-  aggiuntivi</strong> una volta che l''installazione iniziale č stata \
-  completata. \
-  <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">\
-  Si veda il wiki per ulteriori informazioni</a>.
 installWizard_installCustom_selectAll=Tutti
 installWizard_installCustom_selected=Selezionati
 installWizard_installCustom_selectNone=Nessuno
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_lt.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_lt.properties
index 422b79b59bdc..337dd6304d46 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_lt.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_lt.properties
@@ -22,7 +22,6 @@ installWizard_installCustom_selectNone=Nieko
 installWizard_installCustom_selectRecommended=Rekomenduojami
 installWizard_installCustom_selected=Pa\u017eym\u0117ti
 installWizard_installCustom_dependenciesPrefix=Priklausomyb\u0117s
-installWizard_installCustom_pluginListDesc=Pasteb\u0117tina, kad \u010dia nerodomas pilnas pried\u0173 s\u0105ra\u0161as. Papildomus priedus galite \u012fdiegti <strong>Pried\u0173 tvarkykl\u0117je</strong>, kai bus baigtas pradinis diegimas. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">Daugiau informacijos rasite vikyje</a>.
 installWizard_goBack=Atgal
 installWizard_goInstall=\u012ediegti
 installWizard_installing_title=\u012evadas
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_pl.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_pl.properties
index c949bf15b2ab..dfdfcc71e388 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_pl.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_pl.properties
@@ -42,7 +42,6 @@ installWizard_installCustom_selectAll=Wszystkie
 installWizard_installCustom_selectNone=\u017Badne
 installWizard_installCustom_selectRecommended=Rekomendowane
 installWizard_installCustom_selected=Wybrane
-installWizard_installCustom_pluginListDesc=Zauwa\u017C, \u017Ce poni\u017Cej nie jest wy\u015Bwietlana pe\u0142na lista wtyczek. Dodatkowe wtyczki mog\u0105 by\u0107 pobrane przez <strong>Mened\u017Cera wtyczek</strong>, kiedy konfiguracja Jenkinsa zostanie zasko\u0144czona. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">Sprawd\u017A wi\u0119cej informacji na Wiki</a>.
 installWizard_goBack=Wr\u00F3\u0107
 installWizard_goInstall=Instaluj
 installWizard_error_connection=Nie uda\u0142o si\u0119 po\u0142\u0105czy\u0107 z Jenkinsem
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_sr.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_sr.properties
index 337050f21c90..7a68c49b9d92 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_sr.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_sr.properties
@@ -21,7 +21,6 @@ installWizard_installCustom_selectNone=\u041D\u0438\u0448\u0442\u0430
 installWizard_installCustom_selectRecommended=\u041F\u0440\u0435\u0434\u043B\u043E\u0436\u0435\u043D\u043E
 installWizard_installCustom_selected=\u0418\u0437\u0430\u0431\u0440\u0430\u043D\u043E
 installWizard_installCustom_dependenciesPrefix=\u0417\u0430\u0432\u0438\u0441\u043D\u043E\u0441\u0442\u0438
-installWizard_installCustom_pluginListDesc=\u041A\u043E\u043C\u043F\u043B\u0435\u0442\u0430\u043D \u043D\u0438\u0437 \u043C\u043E\u0434\u0443\u043B\u0430 \u043D\u0438\u0458\u0435 \u043F\u0440\u0438\u043A\u0430\u0437\u0430\u043D\u043E. \u0414\u043E\u0434\u0430\u0442\u043D\u0435 \u043C\u043E\u0434\u0443\u043B\u0435 \u043C\u043E\u0433\u0443 \u0431\u0438\u0442\u0438 \u0438\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u043D\u0438 \u0441\u0430 <strong>\u0423\u043F\u0440\u0430\u0432\u0459\u0430\u0447\u0435\u043C \u043C\u043E\u0434\u0443\u043B\u0430</strong>. <a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">\u041F\u0440\u0435\u0433\u043B\u0435\u0434\u0430\u0458\u0442\u0435 \u0412\u0438\u043A\u0438 \u0437\u0430 \u0432\u0438\u0448\u0435 \u0434\u0435\u0442\u0430\u0459\u0430</a>.
 installWizard_goBack=\u041D\u0430\u0437\u0430\u0434
 installWizard_goInstall=\u0418\u043D\u0441\u0442\u0430\u043B\u0438\u0440\u0430\u0458
 installWizard_installing_title=\u041F\u043E\u0447\u0435\u0442\u0430\u043A
diff --git a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
index 9ba84c06c0ab..115ba1786fc6 100644
--- a/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
+++ b/core/src/main/resources/jenkins/install/pluginSetupWizard_zh_CN.properties
@@ -45,7 +45,6 @@ installWizard_installCustom_selectNone=\u65e0
 installWizard_installCustom_selectRecommended=\u5efa\u8bae
 installWizard_installCustom_selected=\u5df2\u9009\u62e9
 installWizard_installCustom_dependenciesPrefix=\u4f9d\u8d56
-installWizard_installCustom_pluginListDesc=\u6ce8\u610f\uff0c\u8fd9\u91cc\u5e76\u672a\u663e\u793a\u5b8c\u6574\u7684\u63d2\u4ef6\u5217\u8868\u3002\u4e00\u65e6\u521d\u59cb\u5b89\u88c5\u5b8c\u6210\u540e\uff0c\u53ef\u901a\u8fc7<strong>\u63d2\u4ef6\u7ba1\u7406\u5668</strong>\u5b89\u88c5\u5176\u4ed6\u63d2\u4ef6\u3002<a href="https://www.jenkins.io/redirect/installation-wizard" rel="noopener noreferrer" target="_blank">\u67e5\u770bwiki\u4e86\u89e3\u66f4\u591a</a>\u3002
 installWizard_goBack=\u540e\u9000
 installWizard_goInstall=\u5b89\u88c5
 installWizard_installing_title=\u65b0\u624b\u5165\u95e8

From 685b60ca0b141a7fe578e54eec03e31db4006916 Mon Sep 17 00:00:00 2001
From: Basil Crow <me@basilcrow.com>
Date: Wed, 12 Jan 2022 15:26:51 -0800
Subject: [PATCH 10/12] 
 `LazyBuildMixInTest#newRunningBuildRelationFromPrevious` flaked on Windows
 (#6175)

---
 test/src/test/java/jenkins/model/lazy/LazyBuildMixInTest.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/src/test/java/jenkins/model/lazy/LazyBuildMixInTest.java b/test/src/test/java/jenkins/model/lazy/LazyBuildMixInTest.java
index 656df07b9bf7..b95aa83bfdbe 100644
--- a/test/src/test/java/jenkins/model/lazy/LazyBuildMixInTest.java
+++ b/test/src/test/java/jenkins/model/lazy/LazyBuildMixInTest.java
@@ -90,9 +90,10 @@ public class LazyBuildMixInTest {
     @Test public void newRunningBuildRelationFromPrevious() throws Exception {
         FreeStyleProject p = r.createFreeStyleProject();
         p.getBuildersList().add(new SleepBuilder(1000));
-        FreeStyleBuild b1 = p.scheduleBuild2(0).get();
+        FreeStyleBuild b1 = r.buildAndAssertSuccess(p);
         assertNull(b1.getNextBuild());
         FreeStyleBuild b2 = p.scheduleBuild2(0).waitForStart();
         assertSame(b2, b1.getNextBuild());
+        r.assertBuildStatusSuccess(r.waitForCompletion(b2));
     }
 }

From 70c92a5225dc4d2422ca5960a5c34c56af018577 Mon Sep 17 00:00:00 2001
From: Jan Faracik <43062514+janfaracik@users.noreply.github.com>
Date: Thu, 13 Jan 2022 07:46:28 +0000
Subject: [PATCH 11/12] [JENKINS-67198] Increase width of forms (#6172)

* Update theme.less

* Update job config page width to match inner form components

* Increase widths of form elements (roughly 100 pixels wider)
---
 core/src/main/resources/hudson/model/Job/configure.jelly | 2 +-
 war/src/main/js/widgets/config/tabbar.less               | 7 +++++++
 war/src/main/less/abstracts/theme.less                   | 6 +++---
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/core/src/main/resources/hudson/model/Job/configure.jelly b/core/src/main/resources/hudson/model/Job/configure.jelly
index 65d855c9e454..be91af8a99a2 100644
--- a/core/src/main/resources/hudson/model/Job/configure.jelly
+++ b/core/src/main/resources/hudson/model/Job/configure.jelly
@@ -37,7 +37,7 @@ THE SOFTWARE.
     <l:main-panel>
     <div class="container">
       <div class="row">
-        <div class="col-md-offset-2 col-md-20">
+        <div class="jenkins-config-container">
 
           <div class="behavior-loading"><l:spinner text="${%LOADING}"/></div>
 
diff --git a/war/src/main/js/widgets/config/tabbar.less b/war/src/main/js/widgets/config/tabbar.less
index 8c2514853cc3..6272a18ba074 100644
--- a/war/src/main/js/widgets/config/tabbar.less
+++ b/war/src/main/js/widgets/config/tabbar.less
@@ -97,6 +97,13 @@
   }
 
 }
+
+#jenkins .jenkins-config-container {
+  width: 100vw;
+  max-width: calc(var(--form-item-max-width) + 20px);
+  margin: auto;
+}
+
 #jenkins{
   .jenkins-config {
     border:1px solid var(--input-border);
diff --git a/war/src/main/less/abstracts/theme.less b/war/src/main/less/abstracts/theme.less
index ffd6c3ab8e8e..7ad0c596381a 100644
--- a/war/src/main/less/abstracts/theme.less
+++ b/war/src/main/less/abstracts/theme.less
@@ -271,9 +271,9 @@
   --input-border: #C3CCD1;
   --input-border-hover: #5C7889;
   --input-hidden-password-bg-color: #f9f9f9;
-  --form-item-max-width: 650px;
-  --form-item-max-width--small: 300px;
-  --form-item-max-width--medium: 450px;
+  --form-item-max-width: ~"min(65vw, 1600px)";
+  --form-item-max-width--medium: ~"min(50vw, 1400px)";
+  --form-item-max-width--small: ~"min(35vw, 1200px)";
   --form-label-font-weight: bold;
   --form-input-padding: 8px;
   --form-input-border-radius: 6px;

From 6b5e3d11700c086d9b3b6e14132240691a6bebbd Mon Sep 17 00:00:00 2001
From: Zbynek Konecny <zbynek1729@gmail.com>
Date: Thu, 13 Jan 2022 08:46:54 +0100
Subject: [PATCH 12/12] Unify labels in plugin manager (#6151)

* Map outdated labels to canonical ones

* Fix checkstyle issue (missing space)
---
 .../main/java/hudson/model/UpdateSite.java    |  5 +-
 .../jenkins/plugins/DetachedPluginsUtil.java  |  2 +-
 .../java/jenkins/util/PluginLabelUtil.java    | 68 +++++++++++++++++++
 .../hudson/model/Messages.properties          |  4 +-
 .../hudson/model/Messages_bg.properties       |  4 +-
 .../hudson/model/Messages_de.properties       |  4 +-
 .../hudson/model/Messages_es.properties       |  2 +-
 .../hudson/model/Messages_it.properties       |  4 +-
 .../hudson/model/Messages_lt.properties       |  4 +-
 .../hudson/model/Messages_sr.properties       |  4 +-
 .../resources/jenkins/canonical-labels.txt    |  5 ++
 .../jenkins/util/PluginLabelUtilTest.java     | 19 ++++++
 12 files changed, 108 insertions(+), 17 deletions(-)
 create mode 100644 core/src/main/java/jenkins/util/PluginLabelUtil.java
 create mode 100644 core/src/main/resources/jenkins/canonical-labels.txt
 create mode 100644 core/src/test/java/jenkins/util/PluginLabelUtilTest.java

diff --git a/core/src/main/java/hudson/model/UpdateSite.java b/core/src/main/java/hudson/model/UpdateSite.java
index e5b7bb3f1228..1b7e3ef89c16 100644
--- a/core/src/main/java/hudson/model/UpdateSite.java
+++ b/core/src/main/java/hudson/model/UpdateSite.java
@@ -28,9 +28,7 @@
 import static java.util.concurrent.TimeUnit.DAYS;
 import static java.util.concurrent.TimeUnit.HOURS;
 import static java.util.concurrent.TimeUnit.SECONDS;
-import static jenkins.util.MemoryReductionUtil.EMPTY_STRING_ARRAY;
 import static jenkins.util.MemoryReductionUtil.getPresizedMutableMap;
-import static jenkins.util.MemoryReductionUtil.internInPlace;
 
 import edu.umd.cs.findbugs.annotations.CheckForNull;
 import edu.umd.cs.findbugs.annotations.NonNull;
@@ -80,6 +78,7 @@
 import jenkins.security.UpdateSiteWarningsConfiguration;
 import jenkins.security.UpdateSiteWarningsMonitor;
 import jenkins.util.JSONSignatureValidator;
+import jenkins.util.PluginLabelUtil;
 import jenkins.util.SystemProperties;
 import jenkins.util.java.JavaUtils;
 import net.sf.json.JSONArray;
@@ -1238,7 +1237,7 @@ public Plugin(String sourceId, JSONObject o) {
             }
             this.popularity = popularity;
             this.releaseTimestamp = date;
-            this.categories = o.has("labels") ? internInPlace((String[]) o.getJSONArray("labels").toArray(EMPTY_STRING_ARRAY)) : null;
+            this.categories = o.has("labels") ? PluginLabelUtil.canonicalLabels(o.getJSONArray("labels")) : null;
             this.issueTrackers = o.has("issueTrackers") ? o.getJSONArray("issueTrackers").stream().map(IssueTracker::createFromJSONObject).filter(Objects::nonNull).toArray(IssueTracker[]::new) : null;
 
             JSONArray ja = o.getJSONArray("dependencies");
diff --git a/core/src/main/java/jenkins/plugins/DetachedPluginsUtil.java b/core/src/main/java/jenkins/plugins/DetachedPluginsUtil.java
index 92c10b25d7ae..9a0bd3d4ed22 100644
--- a/core/src/main/java/jenkins/plugins/DetachedPluginsUtil.java
+++ b/core/src/main/java/jenkins/plugins/DetachedPluginsUtil.java
@@ -144,7 +144,7 @@ public static boolean isDetachedPlugin(@NonNull String pluginId) {
         return false;
     }
 
-    private static Stream<String> configLines(InputStream is) throws IOException {
+    public static Stream<String> configLines(InputStream is) throws IOException {
         return IOUtils.readLines(is, StandardCharsets.UTF_8).stream().filter(line -> !line.matches("#.*|\\s*"));
     }
 
diff --git a/core/src/main/java/jenkins/util/PluginLabelUtil.java b/core/src/main/java/jenkins/util/PluginLabelUtil.java
new file mode 100644
index 000000000000..b50c111cc8fa
--- /dev/null
+++ b/core/src/main/java/jenkins/util/PluginLabelUtil.java
@@ -0,0 +1,68 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2022 Jenkins contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package jenkins.util;
+
+import static jenkins.util.MemoryReductionUtil.EMPTY_STRING_ARRAY;
+
+import hudson.Util;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.HashSet;
+import jenkins.plugins.DetachedPluginsUtil;
+import net.sf.json.JSONArray;
+
+public class PluginLabelUtil {
+    private static HashMap<String, String> renamedLabels;
+
+    private static String canonicalLabel(String label) {
+        if (renamedLabels == null) {
+            renamedLabels = new HashMap<>();
+            try (InputStream is = PluginLabelUtil.class.getResourceAsStream("/jenkins/canonical-labels.txt")) {
+                DetachedPluginsUtil.configLines(is).forEach(line -> {
+                    String[] pieces = line.split(" ");
+                    renamedLabels.put(pieces[0], pieces[1]);
+                });
+            } catch (IOException x) {
+                throw new ExceptionInInitializerError(x);
+            }
+        }
+        return renamedLabels.getOrDefault(label, label);
+    }
+
+    /**
+     * Replaces labels with their canonical form and removes duplicates
+     * @param labels labels array
+     * @return unique canonical labels
+     */
+    public static String[] canonicalLabels(JSONArray labels) {
+        HashSet<String> uniqueLabels = new HashSet<>();
+        for (Object label : labels) {
+            uniqueLabels.add(Util.intern(canonicalLabel(label.toString())));
+        }
+        return uniqueLabels.toArray(EMPTY_STRING_ARRAY);
+    }
+
+}
diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties
index e06fc0fb2648..33e069d4bb73 100644
--- a/core/src/main/resources/hudson/model/Messages.properties
+++ b/core/src/main/resources/hudson/model/Messages.properties
@@ -309,7 +309,7 @@ UpdateCenter.PluginCategory.dotnet=.NET Development
 UpdateCenter.PluginCategory.external=External Site/Tool Integrations
 UpdateCenter.PluginCategory.groovy-related=Groovy-related
 UpdateCenter.PluginCategory.ios=iOS Development
-UpdateCenter.PluginCategory.library=Library plugins (for use by other plugins)
+UpdateCenter.PluginCategory.api-plugin=Library plugins (for use by other plugins)
 UpdateCenter.PluginCategory.listview-column=List view columns
 UpdateCenter.PluginCategory.maven=Maven
 UpdateCenter.PluginCategory.misc=Miscellaneous
@@ -326,7 +326,7 @@ UpdateCenter.PluginCategory.scala=Scala Development
 UpdateCenter.PluginCategory.scm=Source Code Management
 UpdateCenter.PluginCategory.scm-related=Source Code Management related
 UpdateCenter.PluginCategory.security=Security
-UpdateCenter.PluginCategory.slaves=Agent Management
+UpdateCenter.PluginCategory.agent=Agent Management
 UpdateCenter.PluginCategory.test=Testing
 UpdateCenter.PluginCategory.theme=UI Themes
 UpdateCenter.PluginCategory.trigger=Build Triggers
diff --git a/core/src/main/resources/hudson/model/Messages_bg.properties b/core/src/main/resources/hudson/model/Messages_bg.properties
index 1c80a23398b1..66e2a4ecad58 100644
--- a/core/src/main/resources/hudson/model/Messages_bg.properties
+++ b/core/src/main/resources/hudson/model/Messages_bg.properties
@@ -433,7 +433,7 @@ UpdateCenter.PluginCategory.groovy-related=\
  \u0421\u0432\u044a\u0440\u0437\u0430\u043d\u0438 \u0441 Groovy
 UpdateCenter.PluginCategory.ios=\
  \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u0438\u0440\u0430\u043d\u0435 \u0437\u0430 iOS
-UpdateCenter.PluginCategory.library=\
+UpdateCenter.PluginCategory.api-plugin=\
  \u041f\u0440\u0438\u0441\u0442\u0430\u0432\u043a\u0438-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 (\u0438\u0437\u043f\u043e\u043b\u0437\u0432\u0430\u0442 \u0441\u0435 \u043e\u0442 \u0434\u0440\u0443\u0433\u0438 \u043f\u0440\u0438\u0441\u0442\u0430\u0432\u043a\u0438)
 UpdateCenter.PluginCategory.listview-column=\
  \u041a\u043e\u043b\u043e\u043d\u0438 \u0432 \u0441\u043f\u0438\u0441\u044a\u0447\u043d\u0438\u044f \u0438\u0437\u0433\u043b\u0435\u0434
@@ -637,7 +637,7 @@ ComputerSet.SpecifySlaveToCopy=\
 Slave.WindowsSlave=\
  \u0422\u043e\u0432\u0430 \u0435 \u0430\u0433\u0435\u043d\u0442 \u0437\u0430 Windows
 # Agent Launchers and Controllers
-UpdateCenter.PluginCategory.slaves=\
+UpdateCenter.PluginCategory.agent=\
  \u0421\u0442\u0430\u0440\u0442\u0438\u0440\u0430\u043d\u0435 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u0430\u0433\u0435\u043d\u0442\u0438
 MultiStageTimeSeries.EMPTY_STRING=\
  
diff --git a/core/src/main/resources/hudson/model/Messages_de.properties b/core/src/main/resources/hudson/model/Messages_de.properties
index 620e5088f892..9de8c93e009d 100644
--- a/core/src/main/resources/hudson/model/Messages_de.properties
+++ b/core/src/main/resources/hudson/model/Messages_de.properties
@@ -311,7 +311,7 @@ UpdateCenter.PluginCategory.dotnet=.NET-Entwicklung
 UpdateCenter.PluginCategory.external=Integration externer Sites und Werkzeuge
 UpdateCenter.PluginCategory.groovy-related=Groovy (weiteres Umfeld)
 UpdateCenter.PluginCategory.ios=iOS-Entwicklung
-UpdateCenter.PluginCategory.library=Programmbibliotheken (von anderen Plugins verwendet)
+UpdateCenter.PluginCategory.api-plugin=Programmbibliotheken (von anderen Plugins verwendet)
 UpdateCenter.PluginCategory.listview-column=Spalten f\u00FCr Listenansichten
 UpdateCenter.PluginCategory.maven=Maven bzw. Plugins mit besonderer Maven-Unterst\u00FCtzung
 UpdateCenter.PluginCategory.misc=Verschiedenes
@@ -326,7 +326,7 @@ UpdateCenter.PluginCategory.scala=Scala-Entwicklung
 UpdateCenter.PluginCategory.scm=Versionsverwaltung
 UpdateCenter.PluginCategory.scm-related=Versionsverwaltung (weiteres Umfeld)
 UpdateCenter.PluginCategory.security=Sicherheit
-UpdateCenter.PluginCategory.slaves=Agenten-Start und -Steuerung
+UpdateCenter.PluginCategory.agent=Agenten-Start und -Steuerung
 UpdateCenter.PluginCategory.test=Testen
 UpdateCenter.PluginCategory.trigger=Build-Ausl\u00F6ser
 UpdateCenter.PluginCategory.ui=Benutzeroberfl\u00E4che
diff --git a/core/src/main/resources/hudson/model/Messages_es.properties b/core/src/main/resources/hudson/model/Messages_es.properties
index 4fa6ccd05f77..a40a0cb3d3ce 100644
--- a/core/src/main/resources/hudson/model/Messages_es.properties
+++ b/core/src/main/resources/hudson/model/Messages_es.properties
@@ -194,7 +194,7 @@ UpdateCenter.PluginCategory.post-build=Plugins que a\u00f1aden acciones de post-
 UpdateCenter.PluginCategory.report=Plugins para generar informes
 UpdateCenter.PluginCategory.scm=Plugins de repositorios de software
 UpdateCenter.PluginCategory.scm-related=Plugins relacionados con la gesti\u00f3n repositorios
-UpdateCenter.PluginCategory.slaves=Plugins para el control de nodos
+UpdateCenter.PluginCategory.agent=Plugins para el control de nodos
 
 
 UpdateCenter.PluginCategory.trigger=Plugins lanzadores de tareas
diff --git a/core/src/main/resources/hudson/model/Messages_it.properties b/core/src/main/resources/hudson/model/Messages_it.properties
index 695944168aca..498514bcf843 100644
--- a/core/src/main/resources/hudson/model/Messages_it.properties
+++ b/core/src/main/resources/hudson/model/Messages_it.properties
@@ -403,7 +403,7 @@ UpdateCenter.PluginCategory.dotnet=Sviluppo .NET
 UpdateCenter.PluginCategory.external=Integrazioni siti/strumenti esterni
 UpdateCenter.PluginCategory.groovy-related=Componenti legati a Groovy
 UpdateCenter.PluginCategory.ios=Sviluppo iOS
-UpdateCenter.PluginCategory.library=Componenti libreria (per l''utilizzo da \
+UpdateCenter.PluginCategory.api-plugin=Componenti libreria (per l''utilizzo da \
   parte di altri componenti aggiuntivi)
 UpdateCenter.PluginCategory.listview-column=Colonne visualizzazione elenco
 UpdateCenter.PluginCategory.maven=Maven
@@ -423,7 +423,7 @@ UpdateCenter.PluginCategory.scm=Gestione del codice sorgente
 UpdateCenter.PluginCategory.scm-related=Componenti legati alla gestione del \
   codice sorgente
 UpdateCenter.PluginCategory.security=Sicurezza
-UpdateCenter.PluginCategory.slaves=Avvio e controllo agenti
+UpdateCenter.PluginCategory.agent=Avvio e controllo agenti
 UpdateCenter.PluginCategory.test=Test
 UpdateCenter.PluginCategory.theme=Temi interfaccia utente
 UpdateCenter.PluginCategory.trigger=Trigger compilazione
diff --git a/core/src/main/resources/hudson/model/Messages_lt.properties b/core/src/main/resources/hudson/model/Messages_lt.properties
index 22eb9d968088..5d2571900abd 100644
--- a/core/src/main/resources/hudson/model/Messages_lt.properties
+++ b/core/src/main/resources/hudson/model/Messages_lt.properties
@@ -252,7 +252,7 @@ UpdateCenter.PluginCategory.dotnet=.NET k\u016brimas
 UpdateCenter.PluginCategory.external=I\u0161orin\u0117 svetain\u0117/\u012franki\u0173 integracija
 UpdateCenter.PluginCategory.groovy-related=Groovy-susij\u0119s
 UpdateCenter.PluginCategory.ios=iOS k\u016brimas
-UpdateCenter.PluginCategory.library=Bibliotek\u0173 priedai (naudojami kit\u0173 pried\u0173)
+UpdateCenter.PluginCategory.api-plugin=Bibliotek\u0173 priedai (naudojami kit\u0173 pried\u0173)
 UpdateCenter.PluginCategory.listview-column=Rodinio s\u0105ra\u0161o stulpeliai
 UpdateCenter.PluginCategory.maven=Maven
 UpdateCenter.PluginCategory.misc=\u012evair\u016bs
@@ -268,7 +268,7 @@ UpdateCenter.PluginCategory.scala=Scala k\u016brimas
 UpdateCenter.PluginCategory.scm=I\u0161eities kodo valdymas
 UpdateCenter.PluginCategory.scm-related=Susij\u0119 su i\u0161eities kodo valdymu
 UpdateCenter.PluginCategory.security=Saugumas
-UpdateCenter.PluginCategory.slaves=Agent\u0173 paleid\u0117jai ir valdytojai
+UpdateCenter.PluginCategory.agent=Agent\u0173 paleid\u0117jai ir valdytojai
 UpdateCenter.PluginCategory.test=Testavimas
 UpdateCenter.PluginCategory.trigger=Vykdymo trigeriai
 UpdateCenter.PluginCategory.ui=Naudotojo s\u0105saja
diff --git a/core/src/main/resources/hudson/model/Messages_sr.properties b/core/src/main/resources/hudson/model/Messages_sr.properties
index f75aca4c4ee1..ec285a88bbe3 100644
--- a/core/src/main/resources/hudson/model/Messages_sr.properties
+++ b/core/src/main/resources/hudson/model/Messages_sr.properties
@@ -27,7 +27,7 @@ UpdateCenter.PluginCategory.deployment=\u0418\u043D\u0441\u0442\u0430\u043B\u043
 UpdateCenter.PluginCategory.external=\u0418\u043D\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0458\u0430 \u0435\u043A\u0441\u0442\u0435\u0440\u043D\u0438\u043C \u0441\u0435\u0440\u0432\u0438\u0441\u0438\u043C\u0430 \u0438 \u0430\u043B\u0430\u0442\u0438\u043C\u0430
 UpdateCenter.PluginCategory.groovy-related=\u0423 \u0432\u0435\u0437\u0438 \u0441\u0430 Groovy
 UpdateCenter.PluginCategory.ios=iOS \u043F\u0440\u043E\u0433\u0440\u0430\u043C\u0438\u0440\u0430\u045A\u0435
-UpdateCenter.PluginCategory.library=\u0411\u0438\u0431\u043B\u0438\u043E\u0442\u0435\u043A\u0435 \u0437\u0430 \u043C\u043E\u0434\u0443\u043B\u0435 (\u0443 \u043A\u043E\u0440\u0438\u0441\u0442 \u0434\u0440\u0443\u0433\u0438\u0445 \u043C\u043E\u0434\u0443\u043B\u0430)
+UpdateCenter.PluginCategory.api-plugin=\u0411\u0438\u0431\u043B\u0438\u043E\u0442\u0435\u043A\u0435 \u0437\u0430 \u043C\u043E\u0434\u0443\u043B\u0435 (\u0443 \u043A\u043E\u0440\u0438\u0441\u0442 \u0434\u0440\u0443\u0433\u0438\u0445 \u043C\u043E\u0434\u0443\u043B\u0430)
 UpdateCenter.PluginCategory.maven=Maven
 UpdateCenter.PluginCategory.cluster=\u0423\u043F\u0440\u0430\u0432\u0459\u0430\u045A\u0435 \u043A\u043B\u0430\u0441\u0442\u0435\u0440\u0430 \u0438 \u0440\u0430\u0441\u043F\u043E\u0434\u0435\u0459\u0435\u043D\u043E \u0438\u0437\u0433\u0440\u0430\u0434\u045A\u0435
 UpdateCenter.PluginCategory.android=Android \u043F\u0440\u043E\u0433\u0440\u0430\u043C\u0438\u0440\u0430\u045A\u0435
@@ -38,7 +38,7 @@ UpdateCenter.PluginCategory.scm=\u0421\u0438\u0441\u0442\u0435\u043C \u0437\u043
 UpdateCenter.PluginCategory.scala=Scala \u043F\u0440\u043E\u0433\u0440\u0430\u043C\u0438\u0440\u0430\u045A\u0435
 UpdateCenter.PluginCategory.scm-related=\u0412\u0435\u0437\u0430\u043D\u043E \u0441\u0430 \u0441\u0438\u0441\u0442\u0435\u043C\u043E\u043C \u0437\u0430 \u0443\u043F\u0440\u0430\u0432\u0459\u0430\u045A\u0435 \u0438\u0437\u0432\u043E\u0440\u043D\u043E\u0433 \u043A\u043E\u0434\u0430
 UpdateCenter.PluginCategory.security=\u0411\u0435\u0437\u0431\u0435\u0434\u043D\u043E\u0441\u0442
-UpdateCenter.PluginCategory.slaves=\u041F\u043E\u043A\u0440\u0435\u0442\u0430\u045A\u0435 \u0438 \u0443\u043F\u0440\u0430\u0432\u0459\u0430\u045A\u0435 \u0430\u0433\u0435\u043D\u0430\u0442\u0430
+UpdateCenter.PluginCategory.agent=\u041F\u043E\u043A\u0440\u0435\u0442\u0430\u045A\u0435 \u0438 \u0443\u043F\u0440\u0430\u0432\u0459\u0430\u045A\u0435 \u0430\u0433\u0435\u043D\u0430\u0442\u0430
 UpdateCenter.PluginCategory.test=\u0422\u0435\u0441\u0442\u0438\u0440\u0430\u045A\u0435
 UpdateCenter.PluginCategory.trigger=\u0410\u0443\u0442\u043E\u043C\u0430\u0442\u0441\u043A\u0438 \u0441\u0442\u0430\u0440\u0442 \u0438\u0437\u0433\u0440\u0430\u0434\u045A\u0435
 \u043D\u0430\u043F\u0430\u0441\u0432\u0430=
diff --git a/core/src/main/resources/jenkins/canonical-labels.txt b/core/src/main/resources/jenkins/canonical-labels.txt
new file mode 100644
index 000000000000..80da6345deac
--- /dev/null
+++ b/core/src/main/resources/jenkins/canonical-labels.txt
@@ -0,0 +1,5 @@
+# This file lists plugin labels pairs that should be unified in the future.
+# If these labels were changed in plugins now, they would not show localized strings in old core versions.
+# See https://github.com/jenkinsci/jenkins/pull/6151
+library api-plugin
+slaves agent
\ No newline at end of file
diff --git a/core/src/test/java/jenkins/util/PluginLabelUtilTest.java b/core/src/test/java/jenkins/util/PluginLabelUtilTest.java
new file mode 100644
index 000000000000..312aa61ac32b
--- /dev/null
+++ b/core/src/test/java/jenkins/util/PluginLabelUtilTest.java
@@ -0,0 +1,19 @@
+package jenkins.util;
+
+import static org.junit.Assert.assertArrayEquals;
+
+import net.sf.json.JSONArray;
+import org.junit.Test;
+
+public class PluginLabelUtilTest {
+
+    @Test
+    public void testCanonicalLabels() {
+        JSONArray labels = new JSONArray();
+        labels.add("slaves");
+        labels.add("api-plugin");
+        labels.add("library");
+        assertArrayEquals(new String[]{"agent", "api-plugin"},
+                PluginLabelUtil.canonicalLabels(labels));
+    }
+}