Jenkins 2.303.1

What's new in this version:

Changes since 2.303:
- Fix an issue unzipping archives in a corner case when entries have the same path prefix as the target location
- Detect files in a symlink that points to a directory (regression in 2.301). Bump Commons IO to 2.11.0.
- Show tooltips when users hover on the SVG icons
- Use Java 11 in Docker images instead of Java 8
- Allow Java 11 administrative monitor to be disabled with a system property

Notable changes since 2.289.3:
- Fix SSH command line interface (CLI) authentication (regression in 2.284)
- Fix NoSuchMethodError when using plugins that rely on bridge methods for compatibility (regression in 2.278)
- Remove Apache Commons Digester library and related code from the Jenkins core. (pull 5320, issue 65161, Announcement and upgrade guidelines)
- Jenkins redirects users to the previous page after login even if they were able to view it while not logged in (regression in 2.266)
- Improve contrast for the checkbox in the login page. (pull 5536)
- Recommend running on Java 11
- Display Pipeline builds among user build history and remove incorrect warning about view build history
- Show implied plugin dependencies or a count of dependencies for plugins split from core. (pull 5472)
- Explain that some plugin updates can be unavailable even on the latest version of a given release line (i.e. LTS). (pull 5462)
- Update French terminology for controller
- Change the word 'number' to 'integer' in the error message of the number field. (pull 5538)
- The Jenkins process management functionality now supports FreeBSD. (pull 5563)
- Optimize access control checks affecting (at least) Pipeline node steps. (pull 5586)
- Remove JEP-200 compatibility workarounds for releases published before February 2018 of the following plugins: Maven Integration, Job DSL, Monitoring, Git Client, Pipeline: Supporting APIs, OWASP Dependency-Check. (pull 5454, Plugin versions with a fix, JEP-200)
- Update Stapler from 1.263 to 1563.v3da2d02f9572 to improve performance when encoding unicode characters in JSON API. (pull 5422, Stapler 1527.ve41b3ce15c05 changelog, Stapler 1532.vfcf95addcb5f changelog, pull 5549, Stapler 1539.v2f05ce93882d changelog, Stapler 1563.v3da2d02f9572 changelog)
- Stop bundling the External Monitor Job Type, LDAP, and PAM Authentication plugins. Jenkins will no longer automatically install the External Monitor Job Type, LDAP, or PAM Authentication plugins on startup if a plugin depending on Jenkins (then Hudson) 1.467 or earlier is discovered. If you use such a plugin that also relies on the functionality provided by the External Monitor Job Type, LDAP, or PAM Authentication plugin and manage plugins outside Jenkins' plugin manager, you will now need to ensure that a recent release of the External Monitor Job Type, LDAP, or PAM Authentication plugin is installed. Jenkins will attempt to load such plugins but may fail at any time during startup or afterwards with ClassNotFoundException or similar. (pull 5445, External Monitor Job Type plugin, LDAP plugin, PAM Authentication plugin)
- Winstone 5.19: Update Jetty from 9.4.41.v20210516 to Jetty 9.4.42.v20210604. (pull 5589, Winstone 5.19 changelog, Jetty 9.4.42 changelog)
- Bump spring-security-bom from 5.4.6 to 5.5.1. (pull 5505, Spring project spring-security 5.5.0 release notes, pull 5598, Spring project spring-security 5.5.1 release notes)
- Bump sshd-core from 2.5.1 to 2.7.0 in Jenkins CLI. (pull 5547)
- Add X-Frame-Options header to AJAX responses. (pull 5555)
- Remove the Bytecode Compatibility Transformer library and related code from Jenkins core. Developer: Plugins that rely on the hudson.model.Queue$Item#id or hudson.model.AbstractProject#triggers fields must be updated to call the corresponding getters. (pull 5526, Vertx plugin, Slave Prerequisites plugin)
- Stop sending HTTP response headers related to the remoting-based CLI (removed in 2.165). (pull 5452)
- Internal: Upgrade from Remoting 4.7 to Remoting 4.10 with bugfixes and dependency updates. (pull 5478, issue 40700, Remoting 4.8 changelog, pull 5539, Remoting 4.9 changelog, pull 5607, Remoting 4.10 changelog)
- Developer: Remove JTidy dependency from Jenkins core. Plugins that use JTidy functionality must be updated to explicitly declare a dependency on JTidy rather than relying on Jenkins core to provide this library. (pull 5521, NIS notification lamp plugin)
- Developer: InterceptingExecutorService and its subclasses no longer extend com.google.common.util.concurrent.ForwardingExecutorService or com.google.common.collect.ForwardingObject.
- Developer: Remove jna-posix dependency from Jenkins core. Plugins that use jna-posix functionality must be migrated from jna-posix to jnr-posix. (pull 5560, Maven Repository Scheduled Cleanup plugin, SICCI for Xcode plugin, java.io.tmpdir cleaner plugin)
- Developer: The hudson.util.SubClassGenerator and experimental hudson.model.TreeView class have been removed without replacement.