From dac61d8a278e72abbae6c383204dfedc6876701d Mon Sep 17 00:00:00 2001 From: Daniel Beck <1831569+daniel-beck@users.noreply.github.com> Date: Thu, 28 Nov 2024 22:52:55 +0100 Subject: [PATCH 1/3] [JENKINS-73487] Fix Stapler exception with multiple security warnings (#9983) Co-authored-by: Daniel Beck (cherry picked from commit 5a574c9fd62d24e2a870953284fdc83e0b32131f) --- .../jenkins/security/UpdateSiteWarningsMonitor/message.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/src/main/resources/jenkins/security/UpdateSiteWarningsMonitor/message.groovy b/core/src/main/resources/jenkins/security/UpdateSiteWarningsMonitor/message.groovy index 56cbb0bb4ddd..89b634002006 100644 --- a/core/src/main/resources/jenkins/security/UpdateSiteWarningsMonitor/message.groovy +++ b/core/src/main/resources/jenkins/security/UpdateSiteWarningsMonitor/message.groovy @@ -42,7 +42,7 @@ def listWarnings(warnings, boolean core) { } } } - if (fixables == warnings.size) { + if (fixables == warnings.size()) { dd { if (fixables == 1) { raw(_(core ? "allFixable1Core" : "allFixable1", rootURL)) From 2e90e866738bbf0164dd308d9bc539e812c7e7d4 Mon Sep 17 00:00:00 2001 From: Yen Cheng Lin <92412722+ridemountainpig@users.noreply.github.com> Date: Fri, 29 Nov 2024 05:53:08 +0800 Subject: [PATCH 2/3] [JENKINS-73907] Fix double-escaped tooltips in "Help for feature" (#10000) Co-authored-by: Daniel Beck (cherry picked from commit f91ebb42382ae058d29da319c83bf42cef89b32d) --- core/src/main/resources/lib/form/helpLink.jelly | 2 +- test/src/test/java/jenkins/security/Security2779Test.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/src/main/resources/lib/form/helpLink.jelly b/core/src/main/resources/lib/form/helpLink.jelly index e7f2aa213c54..a388baf05f87 100644 --- a/core/src/main/resources/lib/form/helpLink.jelly +++ b/core/src/main/resources/lib/form/helpLink.jelly @@ -55,7 +55,7 @@ THE SOFTWARE. - + ? diff --git a/test/src/test/java/jenkins/security/Security2779Test.java b/test/src/test/java/jenkins/security/Security2779Test.java index ef8ef8fef7d5..8e2460687aaf 100644 --- a/test/src/test/java/jenkins/security/Security2779Test.java +++ b/test/src/test/java/jenkins/security/Security2779Test.java @@ -49,7 +49,7 @@ private void noCrossSiteScriptingInHelp(String selector) throws Exception { // assert leading space to identify unintentional double-escaping (&lt;) as test failure assertThat("tooltip does not contain dangerous HTML", jsResultString, not(containsString(" Date: Sat, 16 Nov 2024 21:50:07 +0100 Subject: [PATCH 3/3] [JENKINS-73908] Do not show button to upgrade to SystemRead users (#9981) Co-authored-by: Daniel Beck (cherry picked from commit 530b0abd38cc29db8737c445775ad0d608434564) --- .../UpdateCenter/CoreUpdateMonitor/message.jelly | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/core/src/main/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message.jelly b/core/src/main/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message.jelly index f11ee8837cdd..efaa6159136e 100644 --- a/core/src/main/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message.jelly +++ b/core/src/main/resources/hudson/model/UpdateCenter/CoreUpdateMonitor/message.jelly @@ -53,11 +53,13 @@ THE SOFTWARE. ${%NewVersionAvailable(ucData.core.version,ucData.core.url,changelog_url)} - -
- - -
+ + +
+ + +
+